“Dear _____ Guest,
As you have likely heard by now, ______ experienced unauthorized access to payment card data from U.S. _______ stores. We take this crime seriously. It was a crime against _______, our team members and most importantly you—our valued guest.
We understand that a situation like this creates stress and anxiety about the safety of your payment card data at _______. Our brand has been built on a 50-year foundation of trust with our guests, and we want to assure you that the cause of this issue has been addressed and you can shop with confidence at ______.
We want you to know a few important things…”
Stress and anxiety: two emotions most business owners don’t want as part of their customer experience.
The above excerpt comes from a letter written by Gregg Steinhafel, the Chairman, President and CEO of Target. He wrote it in 2013 after millions of customer credit card numbers were stolen from Target databases.
Business owners usually insure their businesses against fire, theft or tornadoes. But the Target incident represents a new risk businesses face. Data breaches like this belong to a category of risks the insurance industry calls cyber risks.
In response to these new risks insurers now offer a variety of cyber insurance products. Unfortunately, many small business owners are unaware of the risks their businesses face. Some have coverage, but they’re not sure what’s included. In any case, most don’t think cyber crime could happen to them.
What cyber risks does my business face?
Federal and state laws now address the risks of the information age. These laws create standards regarding private, sensitive data like credit cards and social security numbers. This also includes customer and employee information!
The laws spell out exactly what course of action a business must take in the event of a data breach. First, you must notify anyone whose information has been compromised. You may also need to provide credit monitoring and more for victims of the breach.
The potential loss of reputation a data breach causes can have a real financial impact on your business. But complying with notification requirements can be even more expensive. In fact, costs can exceed $200 per person affected.
It can’t happen to me!
Many business owners think high-profile businesses like Target have more cyber risks than a small businesses. In reality, small businesses also suffer losses due to computer-related events. Related risks include physical breaches like dumpster-diving or break-ins. Human error, or even a disgruntled employee can represent cyber risks.
What insurance solutions are available for cyber risks?
Insurance products can protect against lawsuits. They can also cover other related costs your business may incur. For example, the policy can provide a consultant to help comply with the laws. It can cover notification costs, lost profits and more. Plus, the policy can protect a business that has had money taken from its bank account by a hacker.
Please contact our office for more information.
This article was also published in the Elburn Chamber of Commerce August 2014 newsletter.