The end of 2013 saw quite a few major cyber breaches at large, well-known companies. Industries ranged from retail to hospitality, arts and crafts to foodservice. While this does show that a cyber-attack can happen to anyone, it also gives us valuable lessons to learn and share with clients. So what are some of these lessons?
Communicate Quickly and Carefully. In the case of the Target data breach, customers first learned that they were a potential victim of fraud from a second-hand source. They weren’t able to get their questions answered right away, nor were REDCard holders able to contact the number on the back of their cards. Customers and credit card members were not able to access their information online, which was understandable however they weren’t being given any explanations. Target’s initial response to the security breach was perceived by many to be inadequate, and caused the company reputational damage.
Current and Former Employees Can be a Threat. In the Coca-Cola breach, more than 50 laptops containing confidential and sensitive data for more than 70,000 people were stolen. The thief ended up being a former employee, who was committing the crime over the course of several years. Due to this, companies must always be aware of what’s going on inside their walls, and must formulate a comprehensive privacy and network security protection plan.
Implement Controls for Vendor Access. As it ended up, the Target breach was perpetrated using credentials stolen from an HVAC contractor who provided services to the company. Network authorization must be carefully controlled. Any external partners who may have access to your company’s networks should have strict protocols in place to manage how their credentials are uses within their own organization.
These are just a few of the takeaways from recent data breaches. Insurance agents and business owners alike should ensure that they are consistently developing and enforcing policies for all levels of their network.
At PLRisk Advisors, we understand that all industries and companies could face the risk of a privacy or network security breach. Our Privacy & Network Security coverage is the solution to helping your customers manage and protect against risk. Please contact us today at (855) 403-5982 for more information on how our products can help insurance agents as well as their clients in various professions.