In the second quarter of 2011, someone hacked the Sony Playstation Network. They found an opening in the online video gaming network’s passowrd-reset system and penetrated the security protecting its customer database. Days later, the company admitted that the hackers had obtained personal information on 70 million or more subscribers. The hackers got the names, physical and email addresses, birthdays, and other identifying information, and it’s possible that they got credit card numbers. Sony took the network offline to reinforce it, but within days of it coming back online, hackers broke in again.
Now the Playstation Network is a high-profile target with tens of millions of subscribers, making it attractive to criminals. However, even small businesses that do business over the internet are vulnerable to the same kinds of intrusions.
To prevent or reduce losses and make themselves more attractive to insurance companies, businesses should:
Implement strong network security systems, and continually monitor and update them as needed and develop plans for responding to any network intrusion events that occur. A sound plan identifies who should be involved in the response, and you should have procedures for notifying affected customers and authorities. You should also have a public relations strategy for keeping the public informed.
The majority of businesses and organizations operating today are vulnerable to unauthorized intrusions into their computer networks. The potential costs are more than most organizations can fund on their own. Cyber liability insurance is a smart investment that can literally save a company.