Business owners, particularly those with small-to-medium-size businesses, often think of cyber risks as an information technology problem, not a management problem. They believe their IT staff or outsourced vendors can cover the exposures or respond effectively to a cyber attack or data breach.
Executive SummaryWhat can carriers and clients alike do about the ever-growing increase in cyber risks? Both should boost security awareness, preventative actions and vigilance along with employee training, writes Eric Cernak, VP of U.S. Cyber, and Privacy Risk Practice Leader for Munich Re's Hartford Steam Boiler. He also recommends that carriers get their own processes around cybersecurity in shape so they can credibly write the coverage for others.
They are wrong.
Sound cyber protection—for insureds and insurance carriers—starts with a commitment from management, which must create a culture of security awareness. And that requires employee training and engagement, preventive actions and continual vigilance.
An Increasing Need for Vigilence
Increasing interconnectivity and online commercialization drives the frequency and severity of incidents, including data breaches and cyber attacks. With the proliferation of online retailers, for example, the substantial accumulation of data on customers, employees, vendors and others must be secured.