Independent agents have a twofold concern about cyber risk and security: their own and their clients'. To assist with this, ACT has produced a three-part Lightning Learning series, Cyber Challenges and IAs," that familiarizes viewers with the threats and solutions.
In Session 1, we learn important facts about the origination of cyber threats. Initially, the biggest companies worldwide were targeted for privacy breaches and data theft, but as these enterprises got smarter and more hackers turned their sights to smaller businesses. With limited budgets, these smaller organizations often don't have the capability to keep up with software enhancements and other security measures needed to make systems safe from increasingly sophisticated bad actors.
While the financial services industry comprises only about 7.25% of the total number of data records stolen or lost to cybercriminals, there were almost six million records exposed from independent agencies in 2017. The costs of responding to and rectifying such losses typically run between $84,000 and $148,000 per attack and have, in some cases, reached nearly $700,000. In about 60% of cases, a small-business victim of a cyber incursion folds within six months of the attack.
Session 2 builds on this theme, pointing to the additional costs of penalties and the mandatory actions agencies and other companies must take to comply with various state and federal laws. The Gramm-Leach-Bliley Act remains in force nationwide and requires a written information-security plan and other privacy protections. New York, Ohio, South Carolina and California are among states that have specific, additional cyber requirements. And the National Association of Insurance Commissioners has produced a model cyber law for states that affects many in the insurance industry. These state-based initiatives are part of the webinar's content.
Spotlighting helpful steps from the Agency Cyber Guide 2.0," Session 2 provides an at-a-glance checklist of measures agencies and their clients can take to build up cybersecurity.
Session 3 of the Lightning Learning webinar discusses specific resources to help agencies develop their knowledge and plan of action. It also offers a vendor matrix that gives a great example of service items cyber vendors cover as well as a breakdown of vendors that offer those services.
This webinar series is a good place to begin your cyber-security journey. It's also a solid tool for checking your progress if you are already underway on building a cyber-risk program. It may help you hone your approach to ACT's Agency Cyber Guide 2.0" so you can get the most out of its rich content. View the webinar here at your convenience. The ACT Agency Cyber Guide 2.0 can be found here to assist with taking action on a cyber strategy.