The Magnitude of Cyber Liability on PEI

Marybeth McInnis | September 13, 2019

With COVID-19, companies have invested even more into technology solutions and with the sudden increase of our highly digital world comes an even larger exposure to Cyber Crime. The importance of cyber security should become a priority for all businesses. Cyber Liability claims have started to easily reach astronomical numbers and very few businesses on PEI have the proper coverage in place for a Cyber event.

When you think about your valuable assets, there are probably a few things you think of, right after employees, I think data comes to mind. Data is not covered on a regular property & liability insurance policy, it is intangible. So how many businesses are operating without any coverage for lost or stolen data? Think about your business, how are you protecting your data? Cybercrime is currently the fastest growing crime in the world. Companies are increasing the amount of money spent each year fighting computer, network intrusions and ransomware attacks, whether it’s by online fraud, identity theft, cyber extortion or a data breach, criminals are becoming more brazen and sophisticated.

  • The amount of ransomware attacks has significantly increased each year worldwide with Canada reporting a 103% increase according to a report by corporate security vendor: Sonicwall.
  • Some cyber insurance carriers are seeing ransom demands in the six and seven figures, so loss severity (size of the loss) is also becoming an issue.
  • The attacks have become much more automated so there is little interaction with the hacker.
  • As well the attackers have started targeting smaller businesses because they know security may not be as tight.

One recent example on PEI was a small contractor. They had their Hotmail account hacked. The hacker was able to recreate invoices identical to the contractors sending them out and receiving payments for completed jobs. The hackers were also intercepting e-transfers. In the matter of a few days the contractor lost upwards of $10,000.

If you have a cyber-attack the implications are more than just calling up your IT people to fix the problem. Have you considered the other costs involved? Are you aware of Bill S-4? Bill S-4 modifies PIPEDA and says that you must record and REPORT breaches of security, meaning you must notify every single customer that could have been affected by a security breach. If you do not notify customers, not only will you be liable for fines up to $100,000 but you can also be named publicly. Also consider the amount of revenue lost while your system is down, this can last days or months. In a ransomware attack, for example, if you do decide to just pay the ransom to get back up and running quickly, chances are they will come back to attack you again.

Though a cyberattack is stressful, having the right preparations in place can minimize the associated damage and costs. A planned and practiced response, along with proper cyber risk insurance are crucial to your cyber defense. There are many areas of protection on a Cyber Liability Policy that need to be looked at, give me a call and we can start the process on a Cyber Liability Policy today. In the meantime, here are some basic tips that if you are not already implementing, can easily be done right away:

  • Keep your firewall turned on.
  • Install and update antivirus software.
  • Implement two factor authentications for passwords.
  • Keep your system up to date.
  • Be careful what you download.
  • Turn off your computer at the end of the day.

Categories: