Encryption: What’s The Big Secret?

Print Email
June 4, 2013 by Tushar P. Nandwana

So your organization sells a data breach or cyber liability insurance product that covers notification costs and ancillary services in the event your insured has a data breach and their customer’s personal data is compromised.

Executive Summary

OneBeacon's Technology Risk Control Officer Tushar Nandwana provides the basics of encryption—defining the term, reviewing the types of encryption systems used in day-to-day processes, and explaining potential pitfalls with such systems.

Let’s consider a few facts (from Ponemon Institute’s “2011 Cost of Data Breach Study: United States,” March 2012):

The average cost for detection and notification per breached record is $194. The average cost for notification for an organization is $560,000. Currently, 46 states have enacted laws that require notification in the event of a data breach.

Clearly, a breach event could result in a sizable covered loss under a data breach policy. However, the same 46 states also have safe harbor provisions regarding notification if the breached data is encrypted. Many statutes aren’t even triggered if the personal data is encrypted.

Enter your email to read the full article.

Already a subscriber? Log in here

Related Articles

Company Data Breach Now Costs $3.5M on Average: Ponemon Study
Proposed U.S. Legislation Coming That Threatens Tech Platform Encriptions

Our Contributors

Richard CoyleMany Businesses May Not Be Protected Against Losses From Snow Melt Floods
Shannon ShallcrossViewpoint: You’re at a Competitive Disadvantage If You’re Not Innovating
James GammellViewpoint: Risks for D&O Insurers Exploring the New Frontier of Gen AI
Meghan ParrillaHow Apprenticeship Programs May Be the Best Solution to Today’s Talent Crisis
William SteenbergenThe Insurance Data Paradox: Structure Creates Flexibility
See All Our Contributors