43
Cyber liability insurance evolving with data breaches
YOUNGSTOWN
JPMorgan Chase’s data breach that could affect 76 million households continues to raise awareness about insurance.
“The risk is growing,” said Stephenie Marconi, the operations manager at James and Sons.
The insurance agency in Boardman is launching a campaign to raise awareness for businesses to get cyber-liability insurance.
Marconi said she believes that businesses are not aware of the risks.
The Mahoning Valley has experienced its share of data breaches. Community Health Systems said a cyberattack took information on more than 4 million patients from its computer network earlier this year. CHS owns facilities such as Trumbull Memorial Hospital in Warren and Northside Medical Center in Youngstown.
The latest data breach in the area involved two Jimmy Johns at Youngstown State University and in Austintown. The stores were among 216 affected throughout the country.
However, cyber-liability insurance still is in its infancy since its rise in the insurance industry for the past four years, said Mercy Komar, a commercial lines producer for L. Calvin Jones, an insurance agency in Canfield.
According to a study from the Ponemon Institute, 59 percent of data breaches are the result of human error or a system glitch such as losing mobile devices. Data breaches from criminal or malicious cyberattack make up the remaining 41 percent. Data breaches also include paper files, fingerprints, retina images, DNA and voice prints.
In 2013 alone, 100 million records were exposed due to data breaches.
“It’s prominent, and it’s hardly preventable,” Komar said.
Data breaches have a huge economic impact when they occur, she said. The national average cost is $188 per record, and premiums cost $3,500 per million dollars of coverage. Insurance costs usually are determined by the type of industry, number of records and the amount of coverage.
Last December, Target experienced a data breach that potentially could affect up to 110 million accounts. The retail store has incurred at least $235 million in expenses for the breach over the past three quarters and has collected its maximum coverage of $90 million in cyber-liability insurance. In early September, Home Depot announced a data breach that affected more than 56 million people.
As a result, more companies are seeking coverage beyond $100 million, Komar said.
But as data breaches become more frequent, demand for cyber-insurance is going up while supply is limited, she added.
“The capacity is starting to shrink,” Komar said.
While such coverage would be available, premiums would increase 10 to 15 percent for larger companies, she said.
Eventually, retailers and suppliers may require one another to carry cyber- liability insurances within the next few years, Komar said. “It’s hard to put a value on [data breaches],” Komar said.