Most of us have emails filling our inboxes throughout each workday. Often, it seems like a job in and of itself just to keep up with them. When an invoice comes across your desk, you typically review it, approve it or reject it, and move on. Imagine your surprise when you receive an email from a client you have been working with, confirming that they have paid their invoice.
Confused, you respond that you have not invoiced them, yet they are able to forward you an email that looks like it is from you. You check your inbox—did someone else create and send an invoice? It sure looks like it came from you, until you look at the account number. Shocked, you realize that you don’t recognize the account. Ask yourself, how well do you know the account numbers for each client?
Most of us don’t pay attention to those details. After frantic phone calls back and forth, it comes to light that your system has been hacked, and your client just sent thousands of dollars to the hacker, which they will likely never be able to retrieve. You have now put your own financial future at risk, as your biggest client wonders what you are doing that exposed you to such risk. So now what?
Unfortunately, this is a very real scenario that plays out daily throughout the United States. A majority of construction clients who haven’t been faced with a situation like this often think cybersecurity doesn’t apply to them. If they do, they have a policy to cover it, yet they have little to no idea about what the policy includes.
With the growing use of digital technology, the construction industry is more vulnerable than ever to cybersecurity threats. With the amount of work now completed online and on computers or tablets—from building information modeling (BIM) to invoices, building automation services and everyday correspondence about projects—construction companies are opened up to innumerable cybersecurity threats and liability. If a company is not adequately protected against exposure, the associated costs can be financially crippling.
Cyberthreats expose companies to liability risks constantly. For example, if you unknowingly send someone a virus that attacks their system and gives a hacker access to sensitive information, that would come back as a liability claim against your cyber liability policy.
This is why cyber liability insurance is an essential part of doing business in the 21st century. Before a cyber incident or data breach occurs, ensure that cyber incidents are endorsed on your crime insurance policy or that you have comprehensive cyber coverage.
Some elements to look for in your cyber coverage include:
Some of these elements may overlap with coverage from existing products, including those for business continuity, third-party supply chain issues and professional indemnity.
Work with your insurance broker to ensure that even if an overlap exists, your cyber liability policy will ensure identified cyber risks are covered.
Cybersecurity is such a complex issue that it takes a number of players with different specialties to fully protect a company. When you are looking to create or renew an insurance policy, find an insurance company that specifically addresses cybersecurity. No carrier is the same, just like no business is the same.
The following basic considerations will guide you in your decision-making process:
No two companies are the same when it comes to cyber risks. It is essential to understand the cyber risks your business faces, have a plan in place for when a breach occurs and ensure your cyber policy is tailored to mirror those risks and work with your plan. By doing this you will help mitigate the potential losses your company could face in the event of a breach.
Any type of cyber breach can cripple an organization by causing downtime or reputational damage. Now that the big corporations have so many tools in place and full-time IT departments to combat cyberthreats, hackers are going after smaller businesses and contractors without those available resources.
Align yourself with the right risk management and IT team, and you will be less likely to fall victim to these attacks.
Previously published in the October 2016 issue of Construction Business Owner
Lorem ipsum dolor sit amet, consectetur adipiscing elit
150 Main Street, Suite 300
Menasha, WI 54952
Call us: 800-236-1034
No Comments Yet
Let us know what you think