ACTAPROTECT Cyber Liability Product (CLP): The digital age is revolutionizing the way we do business
With the ACTAPROTECT Cyber Liability Product (CLP), you know that while you cannot necessarily prevent an attack, you’re certainly covered in the event of one. Favorable rates are available through the ACTA Protect program with limits available up to $10,000,000 with a range of deductibles available from as low as nil.
The digital age is revolutionizing the way we do business. The reliance on digital communication, the internet, and interconnected systems has brought with it significant additional exposures to businesses all over the world. Last year, incidents of cyber attacks increased by 97% according to the Identity Theft Resource Centre. There have been numerous high profile cyber attacks over the past few years – Revenue Canada (Heartbleed), Sony Studios, Home Depot and of course, Target whose 2014 attack resulted in losses in excess of $260 million.
The reality however, is that most cyber threats are not levied against high profile organizations like those listed above. A 2013 report by the Cyber Security Protection Alliance suggested that 69% of Canadian businesses experienced some element of a cyber attack that resulted in financial loss, reputational harm, or both. Further, a recent report from Symantec Corp. suggests that 60% of small businesses will go under within six months of a cyberattack.
You may think that the scenarios as described above do not apply to you or your agency. However, you must consider that people who travel a lot for business are often high net worth individuals who are perfect targets for hackers. It makes sense then, that a hacker might attack a travel agency to gain access to the travelers details. Consider the information travel agencies know about their clients: email addresses, phone numbers, credit card information, passport details, destinations, travel times, hotels, etc. The fact that travel agencies have this data readily available makes them very interesting and susceptible targets. In 2015, there were a number of attacks against travel providers; some of the most notorious one’s being the reported hacks of the China’s largest online travel company Ctrip, American Airlines, and an American travel reservations platform provider Sabre. There has even been an attack against a major Australian travel insurance company called Aussie Travel Cover exposing the personal information of more than 770,000 customers. While these are larger organizations, the reality is that smaller agencies are being attacked regularly as well, they just don’t make for good headlines.
The question each agency must ask itself is, are you prepared for the possible financial and reputational implications of a data breach? Consider that a recent report suggests that the average cost of a data breach in 2015 was $6.5 million.
The looming threats for most small businesses, travel agents included, come from 2 sources:
- Ransomware - attacks that restrict access to an infected computer system until money is paid out. You may have read recently about Hollywood Presbyterian Medical Center who paid $17,000 to hackers in order to regain control of its computer system.
- Spear Phishing – a very sophisticated scheme that involves hackers watching email accounts of staff in order to pose as trusted members of an organization in order to complete fraudulent wire transfers and online payments.
Protection against cyber threats must start with ensuring that you have invested in proper network security and that you have the internal risk management checks in place to catch cyber threats (70% of threats go unchecked). Businesses then must consider how they transfer the financial risk of cyber threats. The best way to do this is via insurance. ACTA have made available to members a cyber liability policy that will provide coverage for:
- Cyber liability, privacy liability and first and third party privacy breach notification costs
- Comprehensive cyber crime cover including phishing scams, telephone hacking, identity theft, wire fraud and cyber extortion
- Consequential reputational harm cover which gives direct protection for loss of net revenue as a result of a security breach or denial of service attack
- No retroactive date meaning there is no restriction on when the event which gave rise to the liabilities occurred
- Cover for data held ‘in the cloud’
- Comprehensive multimedia liability, protecting against claims for intellectual property rights infringement relating to all forms of content, including user generated content
- Cover for regulatory actions and investigations
- Technology errors and omissions
- Court attendance costs
- Crisis communication costs
The digital revolution is here to stay and businesses need to adapt to the new exposures that come with it. Call Cornerstone today to learn more about ACTA’s Cyber Liability policy.