The Securities and Exchange Commission (SEC) just released some disturbing information. It found independent insurance agents working with brokerages and/or financial advisory companies ought to consider picking up a cyber liability insurance policy.
Here’s where the SEC started. It said over half of the brokerages in the United States have been targeted by an email scam. And as hard to imagine as it is, the scam is a trick to get the brokerage to wire client money to the scammers.
Even harder to imagine is brokerages falling for the scam. But a bunch of them did and 26% of those falling for the scam say they lost $5,000 or more.
Moving past that, the SEC chairman Mary Jo White said 88% of the broker-dealers and 74% of the RIAs it surveyed said they have experienced a cyber attack of some sort in the last few years.
“Cybersecurity threats know no boundaries. That’s why assessing the readiness of market participants and providing investors with information on how to better protect online investment accounts from cyber threats has been and will continue to be an important focus of the SEC,” she said.
White notes the numbers are frightening. Even more frightening is just 58% of broker-dealers and 21% of RIAs have insurance against data breaches. She advices commercial insurance agents to purchase insurance if they don’t possess that insurance.
Chubb did a study of the misconceptions of cyber insurance. Though independent insurance agents — at least we hope — know better, Chubb found 39% of the firms it talked with think their CGL and other coverages like professional and media liability take care of cyber attacks.
Travelers recently did a panel on cyber attacks titled Hacked: The Implications of a Cyber Breach. Timothy Francis is the enterprise lead for Cyber insurance. He told Travelers’ New York City gathering that large firms get all the publicity but small and mid-size companies get hit the most.
In fact 62% — he contends — of all of the victims of cyber breaches are small or mid-size businesses. And a cyber breach for a small or mid-size business is so expensive it could end up sending them into bankruptcy.
The Ponemon Institute just revised the cost of a breach. It’s now $154 per lost or stolen record. That’s up from $145 a year ago. And the average cost of a data breach is rising. It’s $3.8 million — up from $3.5 million last year.
One last cyber security note. The Internal Revenue Service just admitted it was hacked and that as many as 100,000 records were compromised and it issued about $50 million in refunds from those records.
Source links: PropertyCasualty360.com, Insurance Business America, Carrier Management