Organizations today must regard cyber breaches not as a possibility, but as an inevitable fact of life. In this environment, it’s crucial to have a cyber liability insurance policy that adequately covers the potential loss and offers payment or reimbursement for response costs. Understanding what’s covered by the policy well before a breach occurs and building that knowledge into your company’s incident response plan is critical.

Are you addicted to your mobile device? Most of us are. Everything is a tap or swipe away. You can check account balances, pay bills, order from online stores, deal with business email and documents, etc… Essentially, mobile devices allow you to manage your life untethered. Hackers realize that too and are targeting mobile devices more than ever.

In several of my most recent “Cyber Tuesday” posts, I’ve discussed the importance of developing a comprehensive cyber risk mitigation strategy which includes IT security measures, well thought out incident response, business continuity documentation and cyber insurance. A recent ransomware event at the University of Calgary shifted the focus to the cyber insurance.

One of the most significant cyber threats to any company’s security is the Rogue Employee. Who is this person? Someone who has been entrusted with access to the system(s); (i.e. databases, customer records, HR records, confidential email, etc.) and who chooses to hurt the company and fellow employees by intentionally performing a wrongful act or providing another with the ability to do so.

IT-related threats originate from multiple angles, all of which require proper attention and application of mitigation techniques. Perhaps the biggest threat to a company’s IT security is their internal contacts (staff, vendors, contractors, etc.). Many companies are utilizing heightened IT security measures, but fail to account for the negligible or malicious actions from these internal contacts who often have high-level access to company systems.  Inside access often isn’t monitored and can easily lead to stolen data or corrupted systems.

Many of the cyber risks discussed today revolve around outside intrusions such as data breaches, viruses, or reputational risks brought on by improper social media use. Another significant risk that must be considered is a major data loss event, whether caused by a technical malfunction or a non-technical property loss such as fire or water damage. While you cannot guarantee a data loss will not happen, there are ways to indemnify and protect yourself if you experience such a data loss.