The popular image of a data breach is a hacker in his mother’s basement breaking into the mainframe and stealing everything they want. But data breaches very rarely happen in that manner. Cyber criminals keep innovating but breaches may be triggered in much more mundane, unintentional manners.
Some examples of how data is breached include a company insider stealing and selling new information or using it to fund his own company upon; denial of service (DDoS) attacks that flood, overload, and ultimately shut down systems; point of sale hacks that target point of sale terminals such as registers that have become more vulnerable as they have become more tech-based; credit card skimming, as skimming devices placed on credit card readers steal personal information when a card is swiped; and identity theft through resetting passwords after finding security question answers through public social media. Click here to learn about more methods of data breach.
How can you protect yourself and respond to all these different types of data breaches? Cyber liability insurance!
Under ERISA, fiduciaries may be held personally liable for a breach of their responsibilities in the administration or handling of employee benefit plans. Under ERISA 410, the plan cannot relieve you of this responsibility with indemnification language, however, it specifically permits persons with personal liability to purchase fiduciary liabilityinsurance. Covering yourself with fiduciary liability insurance gives you a piece of mind that you are protected.
Colonial’s cyber insurance provides a services-based solution to help plan sponsors manage data breaches successfully. These services include a dedicated team of cyber breach professionals who assist plan sponsors at every stage of incident investigation and breach response. These professionals coordinate the carefully vetted forensics experts and specialized lawyers to help plan sponsors establish what’s been compromised; assess plan sponsor responsibility; and, notify those individuals affected. In addition, these services will also coordinate credit or identity monitoring, and PR advice to help the plan sponsor safeguard its reputation. Of course, Colonial’s cyber insurance also indemnifies and defends plan sponsors from covered lawsuits or regulatory actions, the risk of which may be reduced by a well-coordinated breach response, but can never be completely eliminated.
Ongoing governance and evaluation of recordkeepers can help protect data, but the only way to fully protect against a potential cyber attack’s data breach is to purchase cyber liability insurance from Colonial Surety Company.