Financial institutions' information exposures have many causes and are difficult to control. And even with the best systems, controls, personnel and procedures, no bank or credit union is immune to the risk.
It only takes one small human error, or an office break-in, or a clever hacker to compromise millions of records and create potential havoc within your organization.
Essentially, a data privacy breach is not a question of "if". The only question is "when?"
The negative publicity resulting from a data breach can lead to massive reputational and brand damage.
An effective response is a complicated response. Beazley BBR will be with you every step of the way, providing effecting data breach protection for financial institutions.
The patchwork of breach notification laws that now exist in 48 US states, provide a great deal of exposure for financial institutions. These laws prioritize the security of financial information, and in the event of a cyber breach, require costly internal investigations, significant expenses on outside vendors, and ultimately, notification to the public.
In addition to these state laws, banks and other financial institutions have many unique data protection obligations under the Graham Leach Bliley Act, the Fair Credit Reporting Act and the regulatory expectations of the Federal Trade Commission. Credit unions must also follow the data security requirements imposed by the National Credit Union Administration.
The publicity fallout from a cyber breach entails the risk of massive reputational and brand damage. It is safe to assume that poorly handled breaches result in far higher customer defection rates; in fact, 22% of breached organization lost customers and 40% of those organizations lost more than a fifth of their customer base.*
*Source: Cisco 2017 Annual Cybersecurity Report
The publicity and customer dissatisfaction that surround a cyber breach have spurred a wave of class action complaints against financial institutions big and small. Enterprising plaintiffs’ lawyers relying on a variety of privacy laws have filed complaints seeking billions of dollars in damages. The risk of crippling damages, and the sizeable costs of litigation, often push organizations to settle even in the absence of any clear harm to the plaintiffs.
State and federal regulators have made one point clear: a significant breach of customer information will result in monetary penalties, onerous corrective action plans, and on-going audits. Whether from the Federal Trade Commission or state attorneys general, the regulatory landscape for financial institutions carries an immense amount of risk.
Beazley, a leading insurer of technology and information security risks, has developed Beazley Breach Response (BBR), a solution to privacy breaches and information security exposures tailored to the needs of higher education.
BBR is a complete privacy breach response management and information security insurance solution which includes a range of services designed to help you respond to an actual or suspected cyber breach incident effectively, efficiently, and in compliance with the law.
- Legal services
- Computer forensic services
- Notification services for up to 5 million affected individuals
- Call center services
- Credit monitoring, identity monitoring or other personal fraud or loss prevention solutions
- Public relations and crisis management expenses
- All of the policy’s multiple limits will be available for breach response.
- Business interruption loss from security breach or system failure
- Dependent business interruption loss from security breach or system failure
- Cyber extortion loss
- Data recovery loss
- Data and network liability.
Third party coverage
- Third party information security and privacy coverage with up to $15M
- Full media liability
- Regulatory defense and penalties
- Payment card liability and costs.
Criminal reward coverage
Not if, but when. Any financial institution handling customer data will, sooner or later, be confronted with the challenge of a data breach. It's not a matter of "if" but "when".