Data Security Issues Escalate as Risk Management Evolves
Data security is a widespread problem for companies across-the-board. Any entity with a presence on the Internet, with sensitive data on servers connected to the Internet, or transmitting data such as credit card payments, is exposed to this risk. Today, this covers just about all businesses and other organizations, right down to the mom-and-pop shops performing credit card transactions. As data gets passed around at increasing rates, the liability of data breaches escalates with it.
Cyberspace was initially thought to be a domain with few risks for commerce with limited property and general liability exposures coming into play. These naïve concepts have long hardened into the realization that new sets of cyber liability risks have emerged; risks that are not often covered by standard property and general liability policies. Lost, stolen and hacked personal data unleashes a firestorm of customer resentment, litigation from aggrieved parties, and regulatory actions. Large lawsuits have risen over the past decade regarding breaches of data security, with the largest coming at the tail end of the past decade. Most of the vitriol in the court system has been directed toward credit (and debit) card processors and retailers such as Heartland Payment Systems and TJX Companies. Organizations of all stripes, however, are exposed to these risks, and one only needs to look as far as technologically-savvy Google and its Gmail break-in incident in China to learn that lesson.
The large credit card brand managers, such as Visa and MasterCard, have developed IT standards to help credit card processing companies limit their exposure to fraud through increased controls around data. IT professionals of all companies, however, must provide holistic security that more than meets baseline requirements, and must view data security as an enterprise-wide and ever-changing process. Boards of companies are becoming more aware of their exposure to these risks, and should consider data security and broader cyber liability as a corporate governance responsibility. Senior management and risk managers also need to become involved in IT policies, as well as consider the rapidly expanding set of insurance products dealing with these issues to help mitigate the risks.
"Data Security Issues Escalate as Risk Management Evolves," a new Advisen special report, sponsored by Swett & Crawford, examines the growing threat to data security for companies of all sizes. This comprehensive report reveals the explosive costs of data security breaches, reviews recent changes to consumer privacy laws, outlines recommended changes to IT security and risk management procedures, and discusses specialized insurance coverages available for when companies experience data security events. It also includes an appendix containing a review of the largest and most compelling data security breaches over the past decade.
Have a question about the paper? Ask the experts at Swett.
About Swett & Crawford
Swett & Crawford, headquartered in Atlanta, Georgia, is owned by its employees and two private equity firms, HM Capital Partners and Banc of America Capital Investors
In its national network of offices, Swett & Crawford serves independent agents and brokers through specialized Property, Casualty, Oil & Gas/Energy, Professional Services, Transportation and Underwriting Practice Groups. These groups provide access to commercial insurance products and programs, including property and casualty coverages, products liability, professional liability, commercial and public auto liability as well as a host of customized binding authorities and exclusive programs tailored to specific industries, businesses and professionals.
