Close X
Sunday, November 24, 2024
ADVT 
National

Companies Turn To Cyber Insurance After Ashley Madison And Other High-profile Hacks

Darpan News Desk The Canadian Press, 14 Oct, 2015 10:56 AM
    TORONTO — In the wake of the Ashley Madison hack and other high-profile data breaches, Canadian companies are turning to so-called cyber insurance to protect themselves from the fallout of data leaks.
     
    In July, adultery website Ashley Madison made headlines after hackers broke in to the company's network and leaked customers' personal information, including their messages to other members and sensitive financial data.
     
    The ensuing class-action lawsuit — and founder and CEO Noel Biderman's decision to step down in late August — were the latest in a series of incidents that experts say represent a wake-up call for executives about the real-world consequences of digital vulnerabilities.
     
    Duncan Stewart, director of technology research at Deloitte, said the past year has seen a surge in awareness about cyberattacks, and companies are turning to insurers to prepare for what seems an inevitability in an increasingly interconnected world.
     
    "The number of attacks are rising, the severity is rising, and when they come, they're more difficult to deal with," he said.
     
    There is no legal requirement for companies to report a hack in Canada, making the true number difficult to determine, but security company Websense said in August 2014 that 36 per cent of Canadian businesses had observed a breach in their IT security last 12 months.
     
    In a KPMG survey of Canadian property insurance executives, data security even beat out unexpected catastrophic events as the third-biggest risk facing Canadian companies in 2015 after regulatory burdens and low interest rates.
     
    Stewart compared significant breaches like the Ashley Madison hack to automobile collisions that result in a total write-off, yet he said companies also require coverage for the small attacks and fender-benders of cybersecurity that happen far more often.
     
    Insurance against cyberattacks is now just a part of the cost of doing business, he said.
     
    "You wouldn't have a factory and not have fire insurance, so why would you think about not having cyber insurance?"
     
     
    Technology analyst Carmi Levy said in an email that insurance providers are stepping in to meet the needs of companies as they find themselves handling more and more data on behalf of their clients and suppliers.
     
    "In the process, they are increasingly liable for what happens when hackers manage to break in and snag some of that data," he said.
     
    Insurance expert Paul Kovacs, president and CEO of the industry-funded oversight body PACICC, said insurance companies are expanding their offerings to provide more than just compensation and protection from liability in the event of a cyberattack.
     
    "When this happens, you are going to need professional help with communications, with forensic investigation, with restoring your systems and putting the protections back in," he said.
     
    Kovacs pointed to the example of Sovereign General, part of the Co-Operators Group, which offers coverage for privacy breaches, business interruptions, extortion, and data recovery stemming from a cyberattack, as well as crisis management services.
     
    He said companies and organizations used to dealing in sensitive information, such as hospitals and financial institutions, were among the first to become targets and have developed comprehensive cybersecurity policies.
     
    Yet what used to be a concern just for the obvious targets is now a business risk for almost everyone, he said, and it's not just customer data that's at risk. 
     
    In July, security company Symantec issued a report detailing the "Butterfly" hacking group that it said is responsible for at least 40 attacks since 2012 meant to steal trade secrets and industrial data in order to sell it to the highest bidder.
     
    Kovacs said industrial espionage is spreading out from the large companies that have long been in the crosshairs as hackers become more sophisticated.
     
    "Now, they're still going after the big companies but they're going after the mid-size companies and even some relatively small companies," he said. "The threat is spreading."

    MORE National ARTICLES

    Some 34,000 Quebec Teachers Off The Job To Protest Lagging Contract Talks

    Some 34,000 Quebec Teachers Off The Job To Protest Lagging Contract Talks
    MONTREAL — French-language public school teachers are off the job today in some parts of Quebec as they protest lagging contract talks with the provincial government.

    Some 34,000 Quebec Teachers Off The Job To Protest Lagging Contract Talks

    Judge Rules Against Hockey Icon Guy Lafleur In Civil Suit Targeting Crown, Cops

    Judge Rules Against Hockey Icon Guy Lafleur In Civil Suit Targeting Crown, Cops
    MONTREAL — A Quebec Superior Court justice has ruled against former Montreal Canadiens great Guy Lafleur in his $2.16-million civil suit that targeted police and the Crown following a 2008 arrest.

    Judge Rules Against Hockey Icon Guy Lafleur In Civil Suit Targeting Crown, Cops

    B.C. Lags In Protecting Sensitive Health Data: Privacy Commissioner

    Privacy Commissioner Elizabeth Denham says authorities are not legally obligated to report privacy breaches, which could involve sensitive personal information from HIV tests, to mammograms or routine blood results.

    B.C. Lags In Protecting Sensitive Health Data: Privacy Commissioner

    Canada Approves Refugee Claim Of Man Who Fled Somalia After Death Threat

    Canada Approves Refugee Claim Of Man Who Fled Somalia After Death Threat
    The Immigration and Refugee Board told 32-year-old Yahya Samatar at a hearing in Winnipeg today that his claim was accepted.

    Canada Approves Refugee Claim Of Man Who Fled Somalia After Death Threat

    Retroactive change of law prompts OPP to drop probe of RCMP gun data destruction

    Retroactive change of law prompts OPP to drop probe of RCMP gun data destruction
    The Ontario Provincial Police have dropped an investigation into the RCMP's destruction of gun registry data, saying the alleged offences no longer exist under a back-dated, retroactive Conservative law passed last spring.

    Retroactive change of law prompts OPP to drop probe of RCMP gun data destruction

    Families First: Minister Lisa Raitt Urges Airlines To Stop Separating Parents, Children

     Canada's transport minister quietly wrote to the heads of every major airline in the country earlier this year to try and stamp out a practice where parents were being seated separately from their children on flights.

    Families First: Minister Lisa Raitt Urges Airlines To Stop Separating Parents, Children