Retailers are prime targets for cyber criminals looking to exploit vulnerabilities through point of sale systems. Once such a breach occurs, compulsory data breach notification laws will ensure that the public knows about the event, posing a significant risk to the retailer’s reputation and brand. A study conducted by the Economist Intelligence Unit in April 2013 found that 38% of respondents affected by a data breach no longer did business with the organization concerned “because of the data breach,” and 46% said they had advised friends and family to be careful of sharing data with the organisation.

Commerce without credit and debit card payments is unimaginable. Whether at the point-of-sale, online, or through a call center, the retail industry processes a staggering volume of credit card transactions. A breach of credit card information, which the card brands frequently detect before the organization even suspects any foul play, can result in fines, penalties, mandated computer forensic costs, legal fees, and worst of all, the inability to process payments.

The publicity and customer dissatisfaction that surround a data breach have spurred a wave of class actions against retailers big and small. Enterprising plaintiffs’ lawyers relying on a variety of privacy laws have filed complaints seeking billions of dollars in damages. The risk of crippling damages, and the sizeable costs of litigation, often push organisations to settle even in the absence of any clear harm to the plaintiffs.

State and federal regulators have made it clear that a significant breach of customer information will result in monetary penalties, onerous corrective action plans, and on-going audits. Whether from the Federal Trade Commission or state attorneys general, the regulatory landscape for retailers carries an immense amount of risk.

In addition to covering your business, BBR also protects your partners though third party coverage.  Third party coverage includes:

• Third party information security and privacy coverage with up to $15M in limits in addition to the breach response coverage
• Regulatory defense and penalties
• Website and offline media liability
• PCI fines, penalties and assessments
• Cyber extortion
• First party business interruption and data protection with limits up to $15 million.

Beazley, a leading insurer of technology and information security risks, has developed Beazley Breach Response (BBR), a solution to privacy breaches and information security exposures tailored to the needs of retailers. We pioneered the concept of data breach insurance that focuses first and foremost on response. BBR is a complete privacy breach response management and information security insurance solution which includes a range of services designed to help you respond to an actual or suspected data breach incident effectively, efficiently, and in compliance with the law.