Insurance & Data Breaches – Are you covered?

I recently met an insurance executive at a friends’ wedding, who worked for a large insurance firm. He and I ended up connecting because we had some things in common. Turns out, he also enjoyed free drinks from an open bar, much like I do. But that wasn’t a surprise. What was a surprise came when I told him that I worked for TITUS. I told him that we make software for businesses which helps prevent data loss, promote security awareness and comply with regulations. When I told him this, he was very intrigued. He offered that the folks in the insurance industry have been talking a lot lately about data loss incidents, from 2 different perspectives:

1. Covering businesses for data loss incidents: The big insurance firms are making changes to insurance coverage for enterprises. They are discussing the possibility of removing coverage for data loss incidents. Why? The cost of covering a business for a data leak can be unpredictable and astronomical. Data leaks can be absolutely catastrophic for an organization, and if insurance companies were to cover such losses, they need to be prepared to cover costs not only equal to the value of the entire company, but also from any legal fallout (such as lawsuits etc…) as a result of the data leak. The takeaway from this conversation for me: Insurance companies would rather offer property insurance, liability insurance, business interruption insurance etc etc… than offer coverage for a data breach incident.

As an example, it is worthwhile for insurance companies will cover the costs of a business which loses every physical asset (computer systems, buildings, equipment, yes even information) in some sort of act of God. They will also pay their employees their salaries while they re-acquire these assets for the business and get them up and running again.

It is not worthwhile however for insurance companies to cover the costs of a business which has a data breach incident. They cannot afford to cover the astronomical costs associated with such an event. This is a powerful comparison, and shows just how catastrophic and costly these data breach incidents can be. A business’ reputation is worth more than the business itself, much more. Learn how TITUS Classification solutions can prevent data leaks in your organization here.

2. How insurance companies protect themselves from these catastrophic data breaches: We all know that insurance companies can possess some very sensitive personal information on their clients. Each and every insurance broker is responsible for their own clients’ information and have an obligation to protect that information. Insurance brokers in North America are urged by their respective insurance broker associations to conduct insurance practices responsibly and with integrity. Lately, insurance broker associations have been talking more and more about the importance of protecting valuable client information from leaking, and are offering recommendations on how to do so properly. These recommendations usually involve some sort of encryption solution for communication of this sensitive data. But this takes a deep understanding of encryption technology, and even then, must be turned on and off depending on the recipient of the information and what is being sent to them. This doesn’t seem like a scalable model. By using classification as a front-end to encryption solutions, organizations can automatically apply encryption, digital signatures, or rights protection based on the classification. Users do not need to understand the encryption technology; they simply select a classification and the appropriate protection is applied transparently. Learn how TITUS Classification solutions can simplify your encryption solutions here.

Leave a Reply