Tag: cyber security insurance

Inclement weather, solar flares, earthquakes – how disaster proof is your businesses technology?
We’ve written quite a bit about cyber security disasters and disaster recovery in that context (here are just a couple options Why every business needs a documented backup and disaster recovery strategy and Data Breached? 5 ways to reduce the impact on your business), but what about a disaster that’s truly out of your hands?

Depending on where you live there are different types of types of disasters to worry about, and some disasters such as solar flares or geomagnetic storms are a global concern.

While it’s been hyped by certain news outlets that a solar storm of spectacular magnitude could wipe out our global network and cause nationwide blackouts, solar events of the level required to cause mass destruction are spectacularly rare. Nasa rates solar flare levels on a scale that includes B Class which is the smallest, through C, M and X class which is the biggest. Within each scale there is a rating from 1-9 for the first three levels of solar flares and X class flares can be rated up to 17.

X-class flares actually occur fairly frequently, with there being 11 so far in 2023 at the time of writing. These flares are strong enough to disrupt satellite signals or deliver a minor dose of radiation to passengers on an airplane when they occur.

The best defense against solar events such as these is to advocate for improving our electricity grids, above ground electricity components are the most vulnerable if a significant solar flare were to occur. We do want to stress again though that an event of that nature would be exceedingly rare.

Let’s now take a look at events that are much more common, such as inclement weather or for California based businesses such as ours, earthquakes.

While you most likely have insurance that would cover your physical property including your office building, hardware and office furniture, it might be important to ask your insurance broker if it will also cover intangible assets.

It is likely you’ll need a cyber liability policy to provide coverage for your data, below is a chart for what we typically see is covered (and not covered) by cyber liability coverage.

As you can see most cyber liability policies cover business interruptions and data loss even if the cause is not cyber security related. What’s often not covered is events that fall within your control (such as the human element we’re always mentioning when it comes to common hacking techniques such as phishing).

Another good way to protect your data from disaster events that may impact your business is to have most of your data located off premises in the cloud.

While the cloud is often construed as a nebulous concept, really hosting your data in the cloud just means it’s on a server somewhere else. If your on-premises server is subject to catastrophic system failure for any reason, the cloud copy of your data would be safe.

There are many low cost or free cloud options you can take advantage of for your data, we have a guide to the best way to use the free OneDrive storage that comes with your Microsoft 365 subscription here.

Also, if you work with a managed IT provider such as Valley Techlogic, backups and backup maintenance is often included as part of your service plan. We have information about our own back program, TechVault.

If disaster proofing your business in 2024 is on your to-do list, why not collaborate with us? We have experience in creating plans for businesses to make sure we avoid all preventable downtime and to protect your data from catastrophic events. If you’ve already suffered a data breach or other system outage and need assistance in data recovery that is also a service Valley Techlogic can provide. Reach out today for more information.

Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.
December 1, 2023
Data breached? 5 ways to reduce the impact on your business.
We’ve posted a lot of articles on how to avoid a data breach (here are a couple of recent ones for you to review if one hasn’t happened to you so far and you’d like to keep it that way).

Unfortunately, we fear that if you’ve reached this article you may be part of the growing number of business owners whose data has been breached (in 2020 there were 700,000 attacks on small businesses with damages exceeding $2.8 Billion).

Data breach severity varies widely, from an employee email being temporarily hacked all the way to having your backups infiltrated and locked for a ransom – and even if you pay the ransom you still might not recover your data.

So if you’ve experienced a significant data breach and wondered what you could have done to have a better outcome, or even if you’re in the midst of one now what should you do?

Here are our top five tips for reducing your data breach costs (now or in the future):
1. Damage Control – Turn to the pros (like us) when it comes to recovering your data in the event of a breach, they will have access to tools that could recover data that will otherwise be lost if decryption efforts fail in the hands of someone who doesn’t know what they’re doing. Bottom line, know who you’re going to call in an emergency and don’t be afraid to get their help sooner rather than later.
2. Downtime Mitigation – Downtime is one of the most expensive elements of a data breach, if you don’t already have a disaster recovery plan a previous breach can highlight exactly what needs to be a priority in your business if your data is unavailable. Also, a team like Valley Techlogic can help you create a disaster recovery plan.
3. Turn to Your Vendors – Your vendors may have some methods for assisting you in the event of a data breach. For example Microsoft has a shared responsibility model for data but if you have Microsoft 365 and use OneDrive, some of that data may still be safe on their end and accessible to you (once your devices have been cleared and are safe to use).
4. Be Transparent – If your business is very customer facing, an outage in your business caused by a data breach may be very obvious to them. We don’t recommend trying to hide the fact that a breach has happened but instead being transparent about what happened and what you did to fix it, and how you plan to prevent it in the future.
5. Cyber Prepared – The best way to recover financially from a data breach is to have cyber insurance in place before the attack happens, while it may be too late for a past breach you can prevent future financial loss by using our guide to reviewing and obtaining cyber security insurance here.
Of course, an ounce of prevention is worth a pound of cure unfortunately when it comes to cybersecurity attacks. We would be remiss not to offer a few tips on preventing a data breach specifically. You can grab this checklist to make sure these items are covered to prevent future data breaches:

Click to download the full size version.

If you’re currently dealing with a data breach or have dealt with one in the past and want to prevent future breaches, Valley Techlogic can help. We are experts in cybersecurity and use industry best practices to provide the best security coverage for our customers that is also cyber insurance compliant. Learn more with a consultation today.

Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.
February 17, 2023
The Rockstar Games data leak and how reputation loss can be one of the costliest aspects of being hacked
Video game news might fall outside our normal wheelhouse but reporting on cybersecurity events is right up our alley, and this the most recent hack on major game developer Rockstar Games made major news over the weekend so we wanted to chime in with our thoughts.

The hacker going under the moniker “Tea Pot” released video clips of Rockstar Games unreleased (and previously unannounced) new game, Grand Theft Auto 6. The clips revealed spoilers on the games content and also showcased rougher assets as the game is still in early development, something game publishers don’t ordinarily highlight.

In a message acknowledging the breach the Rockstar Games Team had this to say:

The hacker returned after releasing the data and sent a message on the GTAForums claiming they wanted to “negotiate a deal” with Rockstar Games, hinting that they had more data to release. Speculation proliferated across the internet that the hacker had somehow obtained some of the games source code.

With the source code portions of the game could be re-engineered (outside Rockstar Games) and that could even possibly be used to provide at least a semi-playable version. The fallout from that would be devastating as it would steal the developer’s agency in releasing their own content and also reveal trade secrets that could be used to help create knockoff or pirated versions.

Rockstars parent company, Take-Two, has issued take down notices to social media accounts and Youtube channels broadcasting the stolen footage as work to perform damage control. There will probably be a costly investigation into the origination of the hack and there may even be financial complications beyond that, as investors may question what effect this leak will have on the eventual release of the game.

This hack is a perfect example of the reputation cost associated with being hacked. Recovering data you need to do your day to day job is one aspect, but you also need to think about data you wouldn’t want released to the public.

Projects that haven’t been announced yet or information that’s not easily changed (tax information, personal identifying information) are just two factors, but there’s also the release of your customers private data. Many aren’t aware a breach involving client information can even lead to legal ramifications depending on regulatory factors in your sector.

There’s also your private emails or messages, which could have future business plans, personal information, or other things that could be used by the hackers in a ransomware attempt (or even ongoing blackmail).

Cybersecurity prevention’s are important but one element that has surged to the forefront of our minds is a recovery tool that’s becoming more difficult to obtain – cybersecurity insurance.

You can review our comprehensive guide on the topic but here’s a brief chart on what cybersecurity insurance typically covers:

Click to view the full size version.

Obtaining coverage can be challenging, the requirements have grown much steeper as cybersecurity attacks become more common place, and that doesn’t look like it’s going to change anytime soon. At Valley Techlogic we have experience in helping clients obtain coverage so if the unthinkable does occur, their business will survive the hit.

Whether you’re are in the early stages of researching cybersecurity coverage or if you have an application form in front of you, we can be your guide through the process. Schedule a consultation today to learn more.

Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.
September 22, 2022
Cyber Insurance – What you can do to ensure your business will be covered in 2022
Last month we released our new cyber insurance report which is an in depth look into this topic, but we wanted to touch on what we’re specifically seeing so far in 2022 in today’s article because from what we’re seeing in from our clients and in the industry – cyber insurance requirements are on the rise.

If you’re new to cyber insurance or aren’t sure what’s covered under this sort of policy, for most insurance providers cyber insurance offers coverage for technology related disasters. This could include a cybersecurity event such as ransomware or a data breach but depending on your level of policy it might also include IT related downtime not related to cybersecurity such as internet outages. You may even see coverage for specific device issues, such as the loss of an office server that’s critical for day-to-day operations.

When it comes to the cybersecurity related coverage what many people don’t realize is it’s not only meant for covering your own losses, but also the potential loss incurred by your customers. If you have a data breach, your cyber insurance coverage will cover the cost of any litigation brought by your customers and it may also cover items such as on-going credit monitoring if their PII (personal identifying information) was exposed in the data breach your company suffered.

It can be easy to feel detached from a loss you haven’t suffered yet. To put some perspective to, it during the Anthem data breach in 2015 when involved 80 million patient records, their costs to notify their customers (which HIPAA regulations stipulate must be done by snail mail) exceeded $40 million in just postage. That’s not even taking into consideration all of the other costs associated with that breach.

They’re a major corporation, so again it may be difficult to imagine yourself in those shoes, but even for small companies the average costs are as high as $200,000 per breach. Also, if you’re hit with a ransom and think you can just pay it and get out intact, think again. Many times, even if you receive the de-encryption key from the hackers your data may still be lost.

It’s not surprising that insurance providers are looking at this and wondering how they can alleviate some of the risk they’re taking providing insurance to customers going forward. The requirements are increasing, even for us as a technology provider for businesses we’re seeing longer forms that we’re assisting our customers with when they go to acquire a new cyber insurance policy.

These longer forms are featuring more difficult questions as well. We have made cybersecurity a staple feature of our plans so our customers are in a good place for obtaining a cyber insurance policy, but the truth is if cybersecurity has been on the back burner for your business, you may have a difficult time in 2022 and beyond finding an insurer that’s willing to cover you.

As an idea of where to start before you go to obtain a cyber insurance policy, we’ve created this checklist of items you can begin to work on to put your business in a better position this year.

Click to grab the full size version.

Many of the items listed are easy for even someone who’s not very tech savvy to tackle, but if you’d really like to protect your business from hackers this year, we suggest teaming up with a tech provider like Valley Techlogic.

Cybersecurity is a core focus for our business, we will match your business with a cybersecurity framework that makes sense – for example CMMC for defense contractors, HIPAA for healthcare providers, NIST or CIS for small and medium sizes businesses of any industry – and use that framework to have a concrete game plan for making sure your networks and devices are impenetrable to bad actors. Learn more today with a quick consultation

Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley TechLogic, IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.
February 3, 2022