44 Second Street San Francisco, CA 94105 (415) 512-2100 Facebook Twitter LinkedIn Google+ Yelp


Car and House

Personal Insurance

We provide a full range of coverages for your personal insurance needs. From the first time buyer, to high valued homeowner, automobiles, and umbrellas. We will review, quote, and secure coverages for your needs.

Get Started

Commercial Insurance

From the initial startup company to the publicly traded corporation, we will review, quote, and secure coverage for your business. We have found that transferring risk to an insurance company is often the most efficient way to protect your corporate assets and human resources.

Get Started

Health & Life Insurance

Protect the ones you love the most with the proper coverage for your needs. Everyone’s needs are unique and finding secure coverage can be stressful. Whether you want to cover your family, yourself or the people who help your business going, we’ll find the right plan for you.

Get Started

In an epic 2013 data breach at a major bank, officials estimated information was compromised on 76 million households and seven million small businesses. Public reports in the aftermath of the incident noted investigators traced the breach to the network of a third party vendor – the bank’s security team reportedly neglected to upgrade a server at the small company that runs the bank’s charitable race website. It’s a seemingly small oversight that created a virtual unlocked door through which hackers gained access to the bank’s vast network.

That breach prompted state and federal regulators to push financial service providers, including banks, to bolster their own security as well as that of outside vendors. Banks have, and continue to, invest heavily in information and network security as they have been a significant target for criminal activity, including cyber attacks. On the other hand, asset managers, widely recognized as an industry ripe for cyber attacks, are still in the process of assessing their cyber exposure and increasing their investment in information security programs. With midsize funds running from $1 billion to $5 billion, and the largest funds in the multi-trillion dollar range, it is imperative that asset management firms identify their cyber exposure and begin appropriately managing those risks, according to Kenneth Li, the financial services product director at The Hartford.

Cyber attacks pose risks that implicate every area of its businesses, including theft of intellectual property, violation of client privacy, business interruption, and class action lawsuits.  In addition, regulators have identified cyber attacks as a significant threat to the financial services sector and have increased its examinations and enforcement activity.  For instance, the Office of the Compliance Inspections and Examinations (OCIE) and the Securities Exchange Commission (SEC) have embarked on a mission to assess cyber security preparedness and threats in the securities industry, launching examinations last year of more than 50 investment advisors and broker/dealers.  Where firms have fallen short of adopting appropriate precautions, regulators have assessed significant fines against financial service providers, including asset managers.[1]

Identifying cyber-related exposures and applying the right privacy and information security programs is a monumental task, especially against a backdrop of an ever changing threat landscape and continually evolving adversaries, according Thomas Kang, the cyber product manager for The Hartford.  While industry standards and cyber security frameworks, including those outlined by the National Institute of Standards and Technology can help, asset managers should look to cyber insurance products to transfer some of the risk.

Kang outlines some cyber insurance solutions available to asset managers:

Cyber Security Services

While it is critically important to have internal privacy and information security professionals, leveraging outside service providers to assist in privacy and information security can help asset managers quickly identify vulnerabilities and close any security or compliance gaps in a cost effective manner.  However, it can be difficult for even experienced information security professionals to identify cyber security services that matter and service providers with the requisite experience and skills to help mitigate cyber risks.  Experienced insurance carriers have identified gaps and vulnerabilities that have led to actual paid losses and can recommend services and service providers that can improve an organization’s privacy and security posture.[2]

Incident Response Expenses

Currently, 47 states have data privacy laws that require notification of a data breach.  Often, there are significant costs associated with investigating an event, assessing any requirements, engaging third parties to notify clients and consumers, and communicating proactively with appropriate government agencies.  According to the 2014 NetDiligence Cyber Claims Study, the average cost for crisis services including notification costs, was $366,484. Moreover, a failure to respond properly to a data breach can lead to consumer class actions and regulatory proceedings, which can quickly multiply losses.  Most importantly, data breaches can damage a company’s brand and diminish the trust it has worked to build with its clients.  Insurance products can not only provide coverage for these expenses but experienced carriers can be a valuable partner in ensuring that the breaches are handled the right way to protect the company’s brand and mitigate third party liability.

Third Party Lawsuits

Even when the breach response is handled correctly, consumers can seek redress of any damages they may have suffered.  In addition, regulators often initiate investigations following a breach to determine if the firm had properly established cyber security protocols. This can be especially acute for asset managers, who are entrusted with the safeguarding extremely sensitive client records. However, errors and omissions insurance policies for asset managers are often unclear whether claims, including regulatory investigations, associated with data breaches are covered as failure to properly render professional services.

According to Kang, it is critical that risk manager secure cyber insurance policies that expressly address this exposure.

The question is no longer “if”, but “when” a data breach will impact a company’s bottom line and business performance. “This may represent a significant shift for asset managers accustomed to thinking about liability in terms of their role as fiduciaries. But having best practice-based policies and procedures is the best hedge against a catastrophic network system breach and its devastating after-effects,” says Li. Partnering with the right insurance company can help asset managers proactively improve their information security posture and reduce losses when something goes wrong.

( By Kenneth Li, The Hartford and Thomas Kang, The Hartford Source: TheHartford.com)

[1] On May 22, 2015, FINRA found that Sterne Agee violated SEC Reg S-P based on the firm’s failure to encrypt an employee’s laptop, which was inadvertently left in a restroom and lost.  FINRA fined the firm $225,000 for failing to establish a system that protected customer data using “appropriate technological precautions.”

[2] The Hartford disclaims all liability with respect to any such services and service providers.  The services provided are not substitutes for the services of your legal counsel.

Cyber liability discussion

Share |

No Comments

Post a Comment
Required (Not Displayed)

All comments are moderated and stripped of HTML.
Submission Validation
Change the CAPTCHA codeSpeak the CAPTCHA code
Enter the Validation Code from above.
NOTICE: This blog and website are made available by the publisher for educational and informational purposes only. It is not be used as a substitute for competent insurance, legal, or tax advice from a licensed professional in your state. By using this blog site you understand that there is no broker client relationship between you and the blog and website publisher.
Blog Archive

View Mobile Version
Contact Us
Latest Blog Posts   Checklists

Personal Insurance We offer many different ways to help you cover your valuables. Check off the coverages you would like to discuss with us. Start >>
Commercial Insurance Each business is unique and requires a unique policy. Check off the coverages you would like to discuss with us. Start >>
Health & Life Insurance Be prepared for the road ahead. Let us know what services you are interested in learning more about by filling out this checklist. Start >>
Our Partners
Our Location About Sweet & Baker Commercial Services Personal Services Health & Life
Sweet & Baker Insurance Brokers
44 Second Street
San Francisco, CA 94105 - 3440
Phone: (415) 512-2100
Fax: (415) 512-1115
M-F 9am-5pm
License# 0B60897
Our Team
Compensation Disclosure
In The News
Insurance Links
High Value Homes
Estate Planning
How to Choose A Plan
Directory of Providers
Employee Connection
HR Services / HR Hotline Alert
Life Insurance for Key-Person
Maxwell Health ThinkHR