It seems there isn’t a month that goes by without news of yet another data leak scandal after hackers breach the online security of a business or government.
By Gary Clifton, head of corporate clients, NFU Mutual Preston
High profile incidents in the UK recently have included Talk Talk and Morrisons which saw customers’ and staff members’ personal details leaked. Threats can come from disgruntled employees, organised criminals or a 15-year-old with a laptop.The fact is that cyber attacks are now a near certainty for businesses of any size.
A 2015 Government-commissioned survey of UK businesses conducted by PricewaterhouseCoopers found that:- Ninety per cent of large organisations and 74 per cent of small organisations had a security breach – up nine per cent and 14 per cent respectively on the year before.
- Breach costs (such as business disruption, lost sales, recovery of assets, fines and compensation) average £1.46m to £3.14m for large businesses and £75,000 to £311,000 for smaller companies. The top end costs have doubled in a year.
An internal auditor, who had access to over 100,000 files containing staff members’ addresses, bank details and salaries, published the data on several websites and also sent it to a national newspaper. His motives seemed to be driven from a grievance about disciplinary action he received.
This exposed Morrisons to a significant financial liability - to mitigate the risk of fraud taking place using this data they had to provide fraud protection insurance to the affected individuals. They also had to counter the negative publicity to reduce reputational damage. This cost them £2m. When addressing cyber security insurance, businesses should ensure it covers:- Legal fees, advice and expenses
- Forensic costs
- Costs of a communication specialist
- Notification costs
- Credit & ID monitoring
- Fines
- Third Party Liability
Enjoyed this? Read more from Dean