A question that I often get from clients is one about cyber-insurance. In light of the recent passing of Bill S-4, better known as the Digital Privacy Act, the Personal Information Protection and Electronic Act has now been amended to include mandatory breach notification provisions. While these mandatory breach notification provisions are not yet in force, it is a good time to review your cyber-insurance coverage.
The malevolently-inclined are getting more ambitious (a 2014 study by the Ponemon Institute that evaluated security-breach costs in the retail sector suggests that average size of a breach is about 30,000 records) and more damaging (average loss is now about $105 per stolen record). The same study estimated that the average cost of a cyber-crime for the retailer is about $3.15-million. These are average numbers only: recent large-scale retail breaches have involved records in the millions, with costs similarly increased. Although the article was written before the holidays, the tips provided are still very useful to manage the risk of security breaches.
For any business owner comes the responsibility to protect your assets and the reputation of your business. As you may know, reputation is everything when it comes to generating new clientele and keeping your existing clients. The implications to a business because of false or legitimate claims can be significant and in some cases can cause it to close entirely. Protecting your business and reputation from any such claims therefore needs to be considered at the planning stage, and regularly reviewed.