Senior Executives at Greater Risk from Cyberattack

Senior Executives at Greater Risk from Cyberattack

July 1, 2019 Business Insurance and Risk Management, The Beacon Blog 0 Comments

As posted by Joshua D. Allen of JacksonLewis ( Verizon’s 2019 Data Breach Investigations Report found high level executives are twelve times more likely to be the target of social incidents (data compromise) and nine times more likely targets of social breach (unauthorized disclosure) than in previous years. As these executives are more likely to be under stress they are more likely to unknowingly respond to fraudulent emails. They are also more targeted by scams because of their access to critical systems and approval authority.

Other information in the report, based on analysis of 41,686 security incidents with 2,013 confirmed breaches:

  • Financial gain is the motivation for 71% of breaches. Espionage accounts for 25%.
  • Ransomware accounts for 24% of malware incidents.
  • 43% of cybersecurity victims are small businesses.
  • According to the FBI, median direct loss is $8,000 for a business email compromise and $25,000 for a computer data breach. (While these amounts would be covered by a cyber “add-on” to a business insurance policy, businesses with large amounts of data at risk should recognize their potential for higher losses.)

Every business no matter how small needs a written information security plan. What’s more, every individual who uses a computer needs regular training in cybersecurity and awareness of new and ongoing threats. As this report shows, security training and awareness must begin at the top.

About the Author

Harry Cylinder

Harry Cylinder, CPCU, ARM has spent nearly fifty years in the insurance industry, the majority of the time as a consultant. He has been employed by The Beacon Group of Companies since 2008, specializing in the review and analysis of property and casualty coverage forms. Mr. Cylinder has been reviewing policy forms as they have evolved over the past decades. In 2008 he published an article in the CPCU Journal which was the first description of cyber insurance coverage for a general insurance audience. Since that time he has regularly written on cyber and other topics for The Beacon Companies’ blog.