Generally, cyber risk means the vulnerability to intrusions, the resulting data loss and system failures which cause business interruption, reputation damage, legal compliance violations, and loss of revenue. Contemplating and mitigating cyber risk requires an enterprise to address many concerns. Three major ones are:
Privacy Liability Concerns
Information belonging to third parties often has a significant value. A business enterprise can be held legally responsible for losing it! MANY twenty first century business agreements contain provisions which address this type of loss. If triggered, those provisions can create significant damage claims. The typical consumer is also better informed than ever about privacy rights, increasing the likelihood of a lawsuit against a business that losses confidential data.
Copyright, Trademark and Intellectual Material Infringement Concerns
This is so deep that we simply aren't going to go there. Copyrights, trademarks, logos, slogans, plagiarism, unauthorized use, mirror sites, unique artistic creations, . . . the list goes on and on. Bottom line, if a business enterprise puts in on the web, liability is created.
Expense and Loss of Income Concerns
Statistics show that the "average cost" of a significant data breach is close to five million dollars. Immediate crisis management services, data restoration, hardware replacement, business shut down, funds transfer fraud, complying with breach notification laws and the expenses resulting from cyber extortion quickly aggregate. Given that nearly half of all serious data breaches have occurred in businesses employing less that 1,000 people, most victims are not financially prepared to cope with a major cyber loss.
A properly crafted cyber risk policy is the best hedge against a disaster befalling your enterprise. Thinking about the concerns above is a good start to reducing the likelihood of a major cyber event and good preparation for requesting appropriate coverages.