“Cybersecurity for your business is not only about adding layers of security technology. It starts with understanding and managing your cybersecurity risks. The 5-Step Approach to Better Business Cybersecurity is based upon the National Institute of Standards and Technology (NIST) Cybersecurity Framework, represents an approach that applies to the specifics of your business, helping you understand how best to identify and protect your business’s vital data and technology assets, and how to detect, respond to and recover from a cybersecurity incident.”
The Better Business Bureaus' The 5 Step Approach to Better Business CyberSecurity
The Federal Communications Commission (FCC) also provides a tool for small businesses to create customized cyber security planning guides, FCC’s Small Biz Cyber Planner. See https://www.fcc.gov/cyberplanner. The planner also outlines steps to take should a breach occur. All businesses should set a policy for managing these types of risks and plans to address such incidents if and when they occur.
As John Chambers, CEO of Cisco articulated recently at the World Economic Forum in Davos, “There are two types of companies: those who have been hacked, and those who don’t yet know they have been hacked.”
With that in mind, the question arises as to how this could impact the lending arena? From a due diligence standpoint, do lenders now have to ask potential borrowers about their cyber liability plan and ascertain if they are appropriately covered via Cyber Liability insurance? Particularly if the borrowers’ business is involves the collection of sensitive, personal information? What happens if the borrower becomes a victim of a cyber intrusion that disrupts their business or generates unforeseen litigation and the costs of addressing the cyber intrusion results in the borrowers’ inability to meet their contractual obligations to the lender? There have been a number of articles written in 2014 and 2015 regarding the increasing compliance requirements that lenders are facing. Will 2016 lead businesses to further evaluate their vendor and customer relationships based upon overall risk, including cyber risk? In short, has become a fact of life?
Rather than rolling the dice and trusting Lady Luck, your best defense is a good offense. Take the time now to make a cybersecurity plan for your business; and, don’t forget to include any third party vendors that you may rely on as well. A cyber liability policy is becoming an increasing necessity for business, the challenge is in determining how much coverage and at what amounts to offset cybersecurity risks for your business.