internet

Year in Review: 2014 Cyber Attacks (What Startups Should Know)

Carl Niedbala - Founder Shield
Carl Niedbala

COO & Co-Founder

2014 Cyber Attacks Reviewed

For the last four years, cyber risk management firm Net Diligence has done a report on cyber insurance claims for the year…and 2014 has been a hell of a year for cyber attacks.  This year’s report has been published and has some very interesting findings pertaining to the startup community.  An excerpt from the introductory pages reads:

“For this study, we asked insurance underwriters about data breaches and the claim losses they sustained. We looked at the type of data exposed, the cause of loss, the business sector in which the incident occurred and the size of the affected organization. For the first time, this year we also looked at the two additional data points: was there insider involvement and was a third- party vendor responsible for the incident.”

While the general claims data is valuable, the 3rd party vendor data is particularly important for startups.  From AWS to Heroku to WordPress, almost all startups use a slew of these vendors to host and deploy their apps and content.

Here are the biggest takeaways from this year’s study:

  • Startups accounted for roughly 23% of claims reported.  The study considered 3 revenue ranges for “small revenue” companies.  Companies under $2B accounted for 75% of the claims studied and companies under $50M in revenues accounted for 23%.
  • 20% of claim situations arose due to an error of a 3rd party vendor.
  • Healthcare and financial services were the 2 most frequently breached areas, collectively accounting for 55% of the studied breach incidents.  The study notes that the healthcare space has seen a rise in claims due to a more aggressive approach taken by state attorney generals in recent years.
  • The average cost to defend a data breach claim was $698,797.  The average cost for legal settlement was $558,520.

The key takeaway here is that while Home Depot and Target have received most of the data breach press over the last year, it doesn’t mean that startups are any less of a target.  Furthermore, some of the areas most ripe for disruption – Healthcare and Fintech – are particularly exposed to cyber risks.  A base level cyber insurance policy with $1M limits can go a long way for a company that plans on making big waves in one of these areas.


You can download/view the full report here.  Check out our coverage page to learn more cyber insurance (and other important coverage) and reach out to talk to someone.

 

Related Articles

digital-health-companies
November 16 • Risk Management

Insurance Guide for Digital Health Companies

Digital health companies impact society now more than ever before — but new opportunities mean facing unknown risks. Here’s the insurance guide you need to help protect your ehealth business.

IPO Roadmap Feature
October 26 • Risk ManagementSpotlight

Guide to Going Public: De-Risking the Process of Filing for an IPO

If filing for an IPO is in your future, this guide will help you make sense of the entire process, from prepping your IPO team years in advance to managing SEC comments in the heat of the transition. And we’ve called in the experts!

startup-tax-incentives
October 12 • EPLIRisk Management

Valuable Tax Incentives & Credits for Your Startup

Should startup founders consider tax incentives and credits as part of financial savings? Here’s why this strategy might makes sense for your small or mid-market business and how to make it happen.

cybersecurity-awareness-month
October 6 • Cyber LiabilityRisk Management

Cybersecurity Awareness Month 2022 — Data, Data, Goose!

As the leaves turn golden and the wind blows colder, cybersecurity awareness month is upon us! Here’s what it’s all about and how your company can stay cyber-safe.