Cyber security is becoming increasingly relevant within the insurance industry to the degree, that the National Association of Insurance Commissioners (NAIC) named it as the key initiative for 2015.
2. 2
Cyber Security
and
Data Protection
A recent Insurance Business America article reported 80 percent of businesses will
experience a data security breach within 12 months. A breach can cause a loss
of data, identity theft, and potential lawsuits that can hurt the business, its clients,
and employees. Like any company, your independent insurance agency is just as
vulnerable to such risks, meaning you must take steps to prevent and minimize the
effects of cyber threats.
This eGuide explores the common cyber security threats and how to protect your
business and customers. Throughout the guide, we’ll hear from some experienced
agency owners about their cyber security concerns and how they keep their
agencies and customers safe.
80%
of businesses will
experience a data
security breach
within 12 months
3. 3
CONTENTS
Cyber Security Basics..............................................................................4
Protecting Your Agency...........................................................................5
First Steps...............................................................................................6
Protecting Your Customers......................................................................8
Staying Informed...................................................................................10
4. 4
Cyber Security
Basics
Cyber security is becoming increasingly relevant within the insurance industry
to the degree, that the National Association of Insurance Commissioners (NAIC)
named it as the key initiative for 2015.
Cyber security is about protecting your agency from digital threats that may
harm your data, exposing you and your customers.
The largest threats to your agency deal with losing or
compromising data, including:
1. Viruses infecting your computer system and destroying data
2. Hackers accessing your systems and stealing personal records
3. Employees negligence such as leaving systems open or losing laptops,
tablets, and other mobile devices
“We worry most about people
hacking into our system. Criminals
are at work day and night to access
personal data (for identity theft).”
Leslie Huesman,
Huesman Insurance Group
5. 5
Protecting
Your Agency
There are a few initial steps you can take to ward against these
cyber threats.
n Keep your virus protection up to date
n Educate employees on good data security practices
n Employ multiple individuals to monitor threats
n Outsource data security management for constant vigilance
n Purchase liability coverage for your agency
n Keep up to date on the latest agency practices and trends
in cyber security
Steve Kramer,
Kramer Insurance
“Our biggest risk is our people. We need to educate our staff and
agents on how to handle (personal information). We worry about
anyone being lax when it comes to handling such data.”
6. 6
First
Steps
Feeling overwhelmed already? Take a step back! Although it is important that your
agency address these issues of cyber security and data protection, you don’t need to do
everything all at once. Start out by focusing on these three key action items:
CREATE CHECKLISTS, GUIDELINES, AND
REGULATIONS FOR EMPLOYEES: Insist on
passwords for all devices used to access your system.
Don’t allow employees to download personal data
without encrypting files and limit who is allowed to
download. Have all emails containing sensitive data
encrypted as well. Finally, discourage staff from
accessing your agency’s system on public WiFi as this
increases vulnerability to hacking.
7. 7
INVEST IN SECURE BACKUPS: Ensure all
your agency’s data is protected by backing up
your system frequently and storing it at an off-site
location. Use an outside vendor, ideally your agency
management system provider, to store your data.
They’ll have the infrastructure and heightened
security needed to keep such a large amount of
personal information safe.
PURCHASE CYBER INSURANCE: Cyber
insurance helps keep your agency protected
should a data breach occur, including covering
government-mandated notification and reparations
for those affected.
“(You) need to set up preventative items. We want everybody to
have security in place (in their agency), meaning encrypting data and using secure passwords. Our biggest asset
is our data, so that data needs to be backed up and protected against computer meltdowns, too.”
Larry Harb,
IT Risk Managers, Inc.
8. 8
Protecting
Your Customers
Your agency has a responsibility to not only protect your digital assets, but to offer
protection to your customers as well. Cyber liability insurance coverage protects
your customers from such threats. As an independent insurance agency owner,
it’s in your best interest to provide such coverage for your commercial customers.
Coverage points for cyber liability insurance include:
n Regulatory Coverage – Focuses on costs associated with lawsuits or fines
against a business. This includes the cost of a defense lawyer and court fees.
n E & O Coverage – Pertains to a failure in preventing data breaches, including
storing unencrypted data or not using a firewall. Such coverage can also be a
part of general, non-cyber specific E & O coverage.
n Notification Coverage – Most states now require businesses to notify
customers of cyber breaches and this point of coverage identifies the number
of customers to be notified and the methods of notification.
9. 9
n Data Restoration Coverage – Covers the cost of recovering
damaged or lost data. Points of coverage may include
replacing hardware or software, restoration, and replacement of
other electronic assets.
n Crisis Coverage – Addresses the PR aspects of data loss. It
covers everything from managing media relations to providing
affected customers with credit monitoring.
n Liability and Slander Converge – Pertains to online incidents
of slander, liable, copyright infringement, or other reputational
damage done by those representing a specific business.
“There are two important parts (in cyber liability coverage): first is the
money to pay for the damage to customers, second is providing our clients
with a quarterback to run the show. This person helps our clients through
the process of notification and meeting all requirements of a company that
has had a data breach.”
Leslie Huesman,
Huesman Insurance Group
10. 10
Staying
Informed
As technology continues to grow and evolve, more vulnerabilities
will be uncovered. It’s important for you and your agency to stay
informed on new cyber security threats and methods to protect
your data. We at SIS know this growing need for cyber security
and are committed to keeping our clients prepared, which includes
attending industry conferences and hosting sessions on the topic.
Find out more about how SIS is staying ahead of the curve on our
website or by contacting us today at sales@sisware.com.
11. 11
About SIS
Headquartered in Columbus, Ohio, Strategic Insurance Software
(SIS) is the team behind Partner XE—an innovative web-based
insurance agency management system that helps independent
agencies streamline workflow and grow their business. Built on
a foundation of strong technology and exceptional service, we’re
moving forward with a constant eye on innovation that will make
independent agents’ lives easier.
About Partner XE
Supporting downloads from nearly 300 carriers, real time interaction,
integrated agency accounting, and much more, Partner XE is a full-
featured agency management system at an affordable cost for the
independent insurance agency. For more information, please visit
www.sisware.com.
4181 Arlingate Plaza, Columbus, Ohio 43228
800.747.9273 | www.sisware.com