A growing array of security and privacy threats, individually or in combination, poses significant financial, reputational and physical harm to businesses, organizations and the communities they serve. It is critical for organizations of all sizes to understand these various exposures and learn how to detect and address them.
"Protecting Security and Privacy in an Interconnected World", a new report from Arthur J. Gallagher & Co. (an international insurance brokerage and risk management services firm), examines common and emerging technological vulnerabilities and the steps that organizations can take to prepare for, mitigate and address them.
Adam Cottini, report author and cyber liability insurance and risk specialist, notes that cyberattacks can be financially, competitively, politically or ideologically motivated. They can even be the work of thrill-seekers with no specific agenda. These attacks can come from outside or within the organization.
Regardless of their origins or the motivations behind them, cyberattacks can have serious, potentially devastating consequences.
Cottini is also Managing Director of Cyber Liability Practice for Arthur J. Gallagher & Co., and he spotlights the growing threat from connected technology.
"Security may not always be the manufacturer's top priority because considerations such as speed to market and returns on investment tend to overshadow the investment in security," he said.
"The more networked technology we use, the more ways there are for hackers to infiltrate databases and cause financial or physical harm. Thus, there is a growing need for organizations and individuals to be vigilant in protecting connected systems from the consequences of these threats."
Common best practices that may help organizations prevent network security intrusions include using secure remote access methods, segmenting networks and applying appropriate access controls, implementing necessary patches and updates and applying firewalls.
Insurance coverages can come into play in the event of a cyber breach, including the third-party liability and first-party breach response and operational costs that are eligible for coverage under a traditional cyber insurance policy.
Some cyber exposures, including many related to the Internet of Things, are not covered by a traditional cyber policy but may be covered under other property/casualty insurance policies.
Cottini also details the critical steps that organizations should take immediately after a breach has been detected to ensure that insurance applies.
Given the number of coverage variables, Cottini finally recommends that organizations seek the advice of an insurance broker with expertise in cyber insurance to avoid encountering any unanticipated coverage gaps if a breach occurs.
Additional information related to this topic and cybersecurity jobs can be found here.