- Posted by Real Estate Team
- On September 29, 2017
In today’s world cyber threats are a looming reality. It only takes one wrong click for a hacker to enter your system. Once they gain access they can then read your keystrokes, obtain passwords or install a ransomware that will encrypt everything on your system.
It’s not just large corporations who are affected. Small to midsize businesses are vulnerable for data breaches and account for a significant portion of the businesses that fall victim to cyber breaches each year. Hackers are not only sophisticated in how they target, but whom they target as well. A small business can be easy prey for a hacker because it may not have the same technology and safeguards in place to protect itself like larger corporations.
Every business utilizes technology in their day-to-day operations in some form or another. Whether it’s a laptop, mobile device, a website or social media, chances are your business is using technology is some small way. In addition to maintaining physical files, you may store personal data, employee records, client information, or marketing lists on your computer.
“Personal information” isn’t just a credit card or bank account number. Depending upon the state, “personal information” can be as little as a first and last name in combination with and driver’s license number! When “personal information” has been breached, most states have notification requirements a business must adhere to or else they can be fined and/or penalized.
Causes of Data Breach
It’s not just criminals lurking in the shadows trying break through your system’s firewall. Data breaches can easily be caused by human error as well. This may include a lost or stolen computer or not using proper security protocols. An employee may mistakenly think an email they received is from someone they know and click a link that installs malware or a virus onto your computer system.
A 2017 Data Breach Study by IBM found that 52% of data breach incidents in the United States involved a malicious or criminal attack, while 24% were caused by negligent employees and 24% by system glitches, which included both IT and business process failures.
Internal Controls You Should Implement
With hackers constantly creating new tactics to trick someone into giving them access or information, viruses can easily be delivered without you even realizing it. Once the hacker has access to your computer or email, they may wait and watch for the right opportunity to strike. Fear not! Here are a few internal controls you should be using to help prevent your firm from being a victim of a data breach:
- Upgrade your passwords to “passphrases”. Create a long password by stringing a few random words together that are easy to remember, like “dolphinoceansurfandsand”. Using a longer passphrase would take longer to decipher than a shorter password, even if it contained numbers and symbols.
- When in Doubt, Throw it Out. The National Cyber Security Alliance suggests that even if you know the source, if it looks suspicious delete it. Links in emails, social media posts and online adverting are how cybercriminals try to steal your personal information.
- Keep your operating system up to date. This may seem like a given, but many times we don’t want to take the time to install those pesky updates. Software manufacturers are constantly fixing software bugs. Keeping your system updated will help insure that your computer is not only up to date but can help keep your computer free from current viruses and security threats.
- Knowledge is Key. Keep your agents aware of current fraud threats and phishing schemes. Also, make sure your clients know to always call their realtor, title company or attorney for verification before responding to any payment instruction received in an email.
- Proceed with Caution. Free, public hotspots are not secure. Limit your activity on public WiFi and try to avoid accessing personal information or logging into your email. With a compromised WiFi, a hacker could see what you’re doing, from sites visited to information you enter, like passwords. Consider using a personal hotspot for a more secure internet connection or a VPN (Virtual Private Network).
Once a business falls victim to a cyber-attack it may suffer from response expenses, regulatory fines, lawsuits from parties affected as well as harm to their company’s reputation.
When internal controls aren’t enough, a Cyber Protection Policy can help your firm survive in the event of a cyber breach by addressing perils like business interruption, expenses related to restoring data and guidance in responding to a cyber event.
Some common coverages in a Cyber Protection Policy may include:
- Breach Liability which helps you in the defense of 3rd party claims, regulatory proceedings, penalties, fines and assessments levied by the payment card industry or a governmental regulatory agency.
- Breach Rectification is a 1st party coverage which addresses costs you incur to respond to a breach. Typically included is a Data Breach Team to help you respond to a data breach, including forensic expenses, notifications costs, and credit card monitoring. Business interruption and digital asset loss coverage may also be included.
- Digital Crime covers you for Cyber Extortion, Electronic Transfer Fraud, Deceptive Transfer as well as Telephone Toll Fraud. Deceptive Transfer, also known as Social Engineering or Confidence Scams, covers you for funds lost as a result of fraudulent wire transfer instructions within your firm.
To learn more about how a Cyber Protection Policy can help your firm, or to request a quote, please contact Michelle Sherwood at: firstname.lastname@example.org or 954.507.6575.
The material contained herein has been provided by, and is a marketing advertisement of, Norman-Spencer Agency, Inc., is for informational purposes only, and intended to provide recipients with a guide to available products. The information contained herein is not fully comprehensive, nor does it consider specific objectives, circumstances or needs of individual recipients. This is not intended to replace or substitute for any professional advice. Discounts, promotions, coverages, and benefits referenced herein may not be available in all States, are subject to specific insurance product underwriting guidelines and policy terms and conditions, and maybe discontinued, changed, or amended by Norman-Spencer Agency at any time.