TECHNOLOGY plays a very critical role in the world of business and for long has been leveraged as an asset, making businesses increasingly dependent on it. Today, with the demonetisation of Rs 500 and Rs 1,000 currency notes in India, transactions over the internet are playing a key role in how most organisations conduct business and reach out to their customers. But, despite all the benefits IT has to offer, it also exposes businesses to risks which can be detrimental to their interests.
As business organisations become more reliant on the internet and advanced communications technologies, cyber risks, too, continue to evolve with the advances in technology. This has made businesses increasingly vulnerable to risks associated with theft, loss or misuse of data. In our country, where controls over IT are not entirely foolproof, many cyber crime incidences have been reported with confidential customer information being compromised. The recent incident, where the data of 3.2 million debit cards was compromised, indicates how vulnerable IT can be despite the best security measures put in place. According to the National Crime Records Bureau, there has been a 150% jump in the incidence of cyber crimes or IT-related crimes in India from 2012 to 2014. A total of 9,622 cyber crime offences were reported in 2014, 69% higher than 5,693 cases registered in 2013.
Studies indicate that for every single data that is breached, the victim organisation has to spend up to $200 on litigation and compensation. Therefore, organisations must proactively consider a plan on their approach towards cyber security, which includes insurance for all the assets sailing on the online space.
You May Also Want To Watch:
Ideally, a cyber insurance coverage is made to protect businesses from the liability and expenses arising as a repercussion of theft or loss of data, as well as liability and expenses that may arise from the breach of data security or privacy, particularly when the company is hosting client information.
Typically, a cyber insurance policy will cover for impaired access liability; unauthorised access to, use of, or tampering with data; disclosure of confidential data (invasion of privacy); loss of data or digital assets (malicious or accidental); introduction of malicious code or viruses; cyber extortion or terrorism threats; personal media
injury (defamation, libel, or slander) from electronic content; regulatory action, notification, or defense expenses; crisis management expenses; data or system restoration and business interruption expenses.
As the first step, create a cyber risk profile of your company by listing the expenses that need to be covered in an event of a cyber breach along with an estimate of third-party costs. It is a must that before purchasing a cyber insurance policy organisations build a mature information security programme and most importantly, have an understanding of the total cost of cyber risks.
With the constant change in technology, computer systems cannot be completely secured and the reality is that data breaches, most often, are beyond the organisation’s control. But, cyber insurance provides the organisation protection to limit their risk.
The writer is executive-director, HDFC ERGO General Insurance Company