Last year at this time, Target was hit by a major cyber attack. This is the time of year when people are most vulnerable to attack, and so is your business. People are buying gift certificates and memberships for family and friends and doing more online. Hackers are aware of the increased activity and they are looking for the most vulnerable. Don’t be among those vulnerable to attack, and if you are breached, be prepared by being covered.
I’ve said it before that cyber liability is a new frontier that each and every club owner needs to consider. Eight months ago I described cyber liability and how it has changed as an industry, when it was originally designed to protect the computer and technology industry. 53 million email addresses and 56 million credit card numbers were compromised in the Home Depot cyber attack. But here’s the thing – the attack was reported in April of 2014, but that number wasn’t known until this month, November. The number of people affected went beyond what anyone initially thought. You can’t afford not to care about these issues. It’s part of the reality of our lives and our businesses. In a service-oriented business like health clubs, you are collecting data on your clients and customers. And you may even be doing direct marketing to your customer base through e-mails. Understanding how you are vulnerable to hackers and protecting yourself with the latest software and an excellent IT team is important, but so is knowing what to do if you have a breach.
There are many expenses related to handling an incident, including the investigation, the remediation, data subject notification, call management, credit checking for data subjects, legal costs, court attendance and regulatory fines. 47 out of the 50 states now have mandatory breach notifications. That’s where the cost to the business comes in – not just in rectifying the situation, it’s the man-power and labor hours needed to contact everyone who might be impacted. Might.
Some of the questions you need to consider are:
– Are all your portable media/computing devices encrypted and do they need to be?
– What if there is unencrypted media in the care or control of your third-party processors?
– Are you protected by malicious acts from employees?
Typically, your general policy does not cover losses incurred from the Internet. For you to have peace of mind, know what kind of coverage you need, how much you need and what kind of devices (yes, mobile phones can be covered) you need to include. Stay connected and stay protected.