The Risk and Why: Cyber Attacks - Are You Prepared?

(01/13/2014) Matt Engle, Cragin & Pike

With the recent cyber attacks on Target and Nieman Marcus, the awareness of data breach theft is extremely high for customers who trust those companies to keep their personal data safe. Target is already facing several lawsuits across the country from their customers and a public image nightmare. If you are a business owner, have you considered what you would need to do, legally and ethically, if a breach occurred to your business? Do you have a plan? What would it cost if a data breach occurred to your company?

If your company takes payments via credit card, has online payment capability or stores customer, patient, or employee personal data, you are at risk for a cyber attack. Hackers are hacking into business computer networks for political or financial gain. Sometimes it is for the challenge and sometimes it may be to steal trade secrets. Currently, the data breach attacks gaining media attention are largely for financial gain. Stealing personal data information, including credit card numbers, provides criminals with “the gift that keeps on giving” in the black market world of identity theft.

Most businesses today have a Disaster Recovery Plan in the event of a catastrophe happening to their business operations affecting business profits. Earthquakes, floods, fires, etc., are common examples of events that can impact generating profits. Today, a Data Breach Response Plan should be included as a component of any effective Disaster Recovery Plan. IT security is commonly leaned upon to prevent data breaches and it should continue to play an integral part of protecting data. Many business owners have also learned to train their employees of the dangers of clicking on unknown links from an email and the importance of strong passwords. How many, though, have a Data Breach Response Plan? Do you have one?

Constructing an effective Data Breach Response Plan should involve input from senior leadership, IT security professionals, an attorney familiar with data breach notification laws and a commercial insurance/risk management broker. Some key components and questions to contemplate should include:

  • How would you report the data breach incident?
  • What is the role of your leadership team internally and externally?
  • What vendors do you need to have in place, i.e., IT firm, Public Relations firm, attorney?
  • What notification is required by State law to your customers?
  • How will the effort be funded? Do you have coverage on your insurance program?

In today’s environment, it is not a question of “If,” it is a question of “When.” What is your plan?


Matt Engle is a Commercial Insurance Agent with Cragin & Pike and Faculty Member with Lorman Education out of Las Vegas, NV. Matt specializes in Cyber Liability insurance programs for business, medical and non-profit entities. He can be reached at 702.877.1111 and

Ready to get started?

Our staff of experienced insurance professionals can develop programs that make sense for your company and your employees.

Signup for Upcoming Seminars

No events were found.
Report a Claim

(702) 877-1111

You can also report a claim using our online forms here.
Newsletter Signup

Subscribe to our newsletter