Year in Review: 2014 Cyber Attacks (What Startups Should Know)

Generic placeholder image
Carl Niedbala

COO & Co-Founder


2014 Cyber Attacks Reviewed

For the last four years, cyber risk management firm Net Diligence has done a report on cyber insurance claims for the year…and 2014 has been a hell of a year for cyber attacks.  This year’s report has been published and has some very interesting findings pertaining to the startup community.  An excerpt from the introductory pages reads:

“For this study, we asked insurance underwriters about data breaches and the claim losses they sustained. We looked at the type of data exposed, the cause of loss, the business sector in which the incident occurred and the size of the affected organization. For the first time, this year we also looked at the two additional data points: was there insider involvement and was a third- party vendor responsible for the incident.”

While the general claims data is valuable, the 3rd party vendor data is particularly important for startups.  From AWS to Heroku to WordPress, almost all startups use a slew of these vendors to host and deploy their apps and content.

Here are the biggest takeaways from this year’s study:

  • Startups accounted for roughly 23% of claims reported.  The study considered 3 revenue ranges for “small revenue” companies.  Companies under $2B accounted for 75% of the claims studied and companies under $50M in revenues accounted for 23%.
  • 20% of claim situations arose due to an error of a 3rd party vendor.
  • Healthcare and financial services were the 2 most frequently breached areas, collectively accounting for 55% of the studied breach incidents.  The study notes that the healthcare space has seen a rise in claims due to a more aggressive approach taken by state attorney generals in recent years.
  • The average cost to defend a data breach claim was $698,797.  The average cost for legal settlement was $558,520.

The key takeaway here is that while Home Depot and Target have received most of the data breach press over the last year, it doesn’t mean that startups are any less of a target.  Furthermore, some of the areas most ripe for disruption – Healthcare and Fintech – are particularly exposed to cyber risks.  A base level cyber insurance policy with $1M limits can go a long way for a company that plans on making big waves in one of these areas.


You can download/view the full report here.  Check out our coverage page to learn more cyber insurance (and other important coverage) and reach out to talk to someone.

 

Related Articles

business_risks
February 24 • Risk Management Tips

How to Identify and Manage Your Particular Business Risks

No matter the size of your company, knowing your particular business risks is crucial. Some vulnerabilities are too big to ignore, potentially causing your company significant loss or setbacks. As we frequently advise, purchasing a general liability (GL) policy works tremendously as the foundation to a robust risk management plan. But what about the other

commercial-insurance-costs
January 12 • Risk Management Tips

7 Bad Practices That Hike Your Commercial Insurance Costs

It might seem like a chore to keep your commercial insurance costs low. Here are some pitfalls to avoid that will help maintain your budget-friendly goal.

December 30 • Risk Management Tips

IPO Insights: 7 Considerations for Late-Stage Companies

Preparing for an IPO can seem like a daunting task for late-stage companies — but it doesn’t have to be. Considering these tips will make the process more manageable.

insurable risk
December 8 • Risk Management Tips

What Is an Insurable Risk?

Identifying an insurable risk from an uninsurable risk is tricky. Here’s a closer look at how insurers categorize specific exposures.

tech_companys_mistakes
December 1 • Risk Management Tips

6 Big Tech Company’s Mistakes We Won’t Forget Soon

Errors, faux pas, mishaps; it’s only natural to expect them in our everyday lives. In the business world, however, these incidences make a much larger splash. The ripple effect is often devastating — and unforgettable. This post examines six mistakes that famous tech companies made and the lessons we can learn from their blunders. 1.

captive_insurance
November 24 • Risk Management Tips

When Does Captive Insurance Make Sense?

Captive insurance is popular with technology, rideshare, and on-demand companies. Here’s how it works best.