Year in Review: 2014 Cyber Attacks (What Startups Should Know)

Generic placeholder image
Carl Niedbala

COO & Co-Founder


2014 Cyber Attacks Reviewed

For the last four years, cyber risk management firm Net Diligence has done a report on cyber insurance claims for the year…and 2014 has been a hell of a year for cyber attacks.  This year’s report has been published and has some very interesting findings pertaining to the startup community.  An excerpt from the introductory pages reads:

“For this study, we asked insurance underwriters about data breaches and the claim losses they sustained. We looked at the type of data exposed, the cause of loss, the business sector in which the incident occurred and the size of the affected organization. For the first time, this year we also looked at the two additional data points: was there insider involvement and was a third- party vendor responsible for the incident.”

While the general claims data is valuable, the 3rd party vendor data is particularly important for startups.  From AWS to Heroku to WordPress, almost all startups use a slew of these vendors to host and deploy their apps and content.

Here are the biggest takeaways from this year’s study:

  • Startups accounted for roughly 23% of claims reported.  The study considered 3 revenue ranges for “small revenue” companies.  Companies under $2B accounted for 75% of the claims studied and companies under $50M in revenues accounted for 23%.
  • 20% of claim situations arose due to an error of a 3rd party vendor.
  • Healthcare and financial services were the 2 most frequently breached areas, collectively accounting for 55% of the studied breach incidents.  The study notes that the healthcare space has seen a rise in claims due to a more aggressive approach taken by state attorney generals in recent years.
  • The average cost to defend a data breach claim was $698,797.  The average cost for legal settlement was $558,520.

The key takeaway here is that while Home Depot and Target have received most of the data breach press over the last year, it doesn’t mean that startups are any less of a target.  Furthermore, some of the areas most ripe for disruption – Healthcare and Fintech – are particularly exposed to cyber risks.  A base level cyber insurance policy with $1M limits can go a long way for a company that plans on making big waves in one of these areas.


You can download/view the full report here.  Check out our coverage page to learn more cyber insurance (and other important coverage) and reach out to talk to someone.

 

Related Articles

amazon-sellers
June 8 • General LiabilityProduct LiabilityRisk Management Tips

Enterprise Amazon Sellers & FBA Insurance Guide

Amazon sellers face many of the same vulnerabilities that other ecommerce companies face. Here’s insight into risk management.

diversified-board
June 1 • Risk Management Tips

How a Diversified Board Can Benefit Your IPO

With so many late-stage companies prepping to go public, many are focusing on creating a diversified board — here’s why it’s a good idea.

media-liability-insurance
May 25 • Risk Management Tips

Media Liability Insurance Guide

Publishers, agencies, and even corporate bloggers face unique risks — but media liability insurance has solutions. Here’s an overview.

risk-management-process
May 12 • Directors & OfficersGeneral LiabilityRisk Management Tips

Understanding the 5 Steps of a Risk Management Process

Late-stage companies and small businesses need a risk management process — but how do you accomplish this task? Here’s some expert advice on the matter.

social-media-influencer
April 10 • Cyber LiabilityRisk Management Tips

Top 5 Social Media Influencer Lawsuits

A social media influencer often reaches millions of people, raising the stakes for the mid-market companies who hire them. Here’s how these risks unfold.

March 17 • Risk Management Tips

VC Insight: Understanding Late-Stage Investment Risks

Investing in late-stage companies is often viewed as less risky — but it’s still a venture. Let’s explore late-stage investment risks.