Reduce Cyber Catastrophe
24 May, 2013
In a recent survey, the majority of corporate risk managers and senior executives expressed concern about cyber risks. Yet many U.S. companies do not have a network security or privacy liability insurance program to protect themselves. In other words, they feel vulnerable but aren’t sure what to do about it. A new report by Lockton, insurance, risk management and employee benefits specialists, illuminates the issue, along with the solution to managing cybersecurity in a world where business often depends on technology.
The report, co-authored by Lockton’s Michael Schmitt and Lisa Phillips, is entitled “Cybersecurity: Most Companies Know Enough to Worry, But Not Enough to Take Action.”
“How an organization responds to a data breach can either cause or prevent lost customers, regulatory fines and investigations,” Schmitt says. Phillips added that preparation and testing are essential for any responsible organization. She writes that it starts with an assessment of the type of data held, including where it is stored, who has access to it and whether there are proper security measures in place to protect it.
After analyzing risk and implementing security measures, the next step is to create and test a data breach response plan with participation from IT, Legal, HR, Risk Management, Finance and Customer Service. Lockton also suggests involving data breach experts outside the company who can provide insight and guidance.
Illustration by Stuart Miles at Free Digital Photos.net
Compiled from press materials.