From SecurityWeek:
Buying into Cyber Insurance - Do You Need It?
"Typically companies that collect and store personally-identifiable information (PII) or personal health information (PHI) on behalf of their customers or employees are most likely to sustain significant financial loss as a result of a cyber breach," he said. "This is due in part to the notification laws that are in place in 47 states which require companies that lose PII or PHI due to a cyber breach to notify the affected customers or employees and the attorney general in each state where there are impacted residents. Cyber insurance typically covers notifications costs as well as forensics and other breach response costs. Some policies also cover third-party liability that can arise out of a cyber breach."
Companies should assess how much PII or PHI they manage as they figure out their potential cyber exposure, he added.
No comments:
Post a Comment