The Securities and Exchange Commissions’s Division of Corporation Finance has recently advised companies that they should regularly review the adequacy of their disclosures of the cybersecurity risks they face, including the descriptions of their insurance coverage for such risks. Cybersecurity breakdowns and the attendant data breaches range from a variety of deliberate and sophisticated digital attacks on computer systems to unintentional and rather mundane events such as the misplacement of physical tapes holding data.
The losses and expenses arising out of such incidents for which insurance coverage is needed include:
- the costs of complying with the federal, state and international requirements for post-data breach notifications;
- the costs of legal and forensic services as well as fines and penalties related to government investigations;
- the costs of crisis management and public relations services;
- the costs of defense and indemnity (for settlements or judgments) for claims of invasion of privacy, identity theft, misappropriation of intellectual property or confidential business information, and loss, corruption or theft of data;
- loss of use of computers and systems and the attendant business interruption;
- harm to reputation and goodwill. For the full article click here
from cyber security caucus http://ift.tt/1UJMSK7
via IFTTT
No comments:
Post a Comment