The risk to data handled by a company’s information systems can be very complex. The purpose of this article is to review categories of information risks as well as strategies for managing them.
Information risks include threats to information technology systems, the intangible property handled by them and the consequences of failure of the systems.
The risk to first party losses include the following;
- loss of data
- loss of income
- denial of service
- viruses and sabotage
- theft of system resources
The risk to third parties or your customers include;
- Theft or damage to someone else’s data
- privacy injury liability
- network security liability
- content liability
- spread of viruses are malicious code to someone else’s system
Nearly every day on the news you hear of one company or another’s computer systems being hacked or customer information being stolen and the damages a company can be held liable for can be in the millions. Cyber damages can be just as damaging as a fire that consumes a warehouse full of tangible property or accidental physical harm caused by a company’s operations. Breach of your customers information can occur in the following ways; physical theft, hacking, accidental release, lost media, employee act, or social engineering.
Many insurance carriers are now offering cyber liability insurance that helps protect a company from these highly vulnerable exposures. It is becoming increasingly clear that emerging risks associated with protecting data should be included in an organizations overall approach to risk management. For more information regarding ways to safeguard your data and develop a risk management plan contact our office.
Author Tim Dean