Cyber/Data Risk Self-Assessment
To determine whether you have exposures that are generally best addressed by insurance, in addition to your risk management practices, please answer the following:
- Do you accept credit/debit cards for payment of goods or services?
- Do you use any computing devices that leave your office? These include laptops, PDAs, smart phones, mobile interface devices of any kind.
- If any data is stored on mobile devices, or if the devices can be used to access your main system, are any of your mobile devices not encrypted?
- Do you gather or store any data on a physical medium, such as paper?
- Are you subject to any regulations regarding the confidentiality or security of data?
- Do you provide data to any third party for them to store it or perform a process or business function with it?
- Does any third party have access to your systems, whether electronically or physically?
- Does any third party have access to your paper data?
- Do you have a Facebook, Twitter or other social media account?
- Do any of your employees post on Facebook, Twitter or other social media platforms?
- Do you have a website? If so, do you gather data on it or provide any services through it?
- Are you dependent upon the internet or your systems to generate revenue?
If you answered "yes" to more than three questions, you are at High Risk of incurring a data breach or other cyber peril that could put you out of business. It's imperative that you adopt proper policies and procedures to minimize risk, contract with appropriate vendors that will be ready to assist you in the case of a breach, and purchase insurance coverage to fund your defense and damages for covered losses.