It is predicted that in 2020, the number of devices connected to the internet will reach 30 billion, up from an estimated 13 billion in 2015. This ecosystem of Internet-connected devices, operational tools and facilities, has been referred to as the "Internet of Things". This term refers to the network of physical objects or "things" embedded with electronics, software, sensors, and network connectivity, which enables these objects to collect and exchange data.
Already, most businesses have realized the enormous advantages that come from the ever advancing technology. Nevertheless, many businesses have already or soon will experience the downside to our dependence on technology. In a global study conducted by PricewaterhouseCoopers LLP, called The Global State of Information Security Survey ("GSISS"), it was determined that of more than 9700 Executives across 154 countries, the total number of security incidents detected by respondents climbed to 42.8 million in 2014, an increase of 48% over 2013. Additionally, in 2015, there was further increase of 38% security incidents were seen since the previous year. Although these numbers are shocking, it is not a full depiction of the severity of risk. Many organizations are unaware of attacks, and others do not report detected incidents.
One cybersecurity firm estimated that as many as 71% of compromises go undetected. A 2013 survey by the International Cyber Security Protection Alliance (ICSPA) indicated that cybercrime is fairly prevalent among Canadian businesses, with 69% of the 520 Canadian businesses surveyed reporting some kind of attack within a twelve-month period. This resulted in a total of 5,866 attacks being reported. The top two forms of cybercrime among these businesses were malware/virus attacks (which occurred among 51% of the businesses) and phishing and social engineering (which affected 18% of the respondents). Unauthorized access or misuse of corporate websites affected 13%, while misuse of social networks affected 15% and telecommunication fraud affected 8%.
So what is Cyber Liability? The term "Cyber Liability" is one that has evolved over the past decade as a result of the rapid changes in technology. Cyber Liability can be defined as the risk posed by conducting business over the internet, over other networks or even from just using electronic storage technology.
Cyber Liability can impact businesses in one of two ways. A business can be a "first party" victim, which occurs when their own information has been breached. Second, a business could be a "third party" victim which occurs when customer or partner information which a business has promised to keep protected is breached. Companies obviously have compelling reasons to avoid both types of Cyber Liability. The consequences, however, of third party cyber liabilities can be devastating. Third party Cyber Liability often ruin brands, opens the door to million-dollar lawsuits and can trigger statutory fines.
With the startling rise in the occurrence of Cyber Liability, it is important to review what plan your business has in place to prevent breaches of confidential information. Keep this in mind the next time you go to click the save button on a confidential document. Think of the risks described above and consider what strategies you have in place to protect your confidential information. A proactive approach is always better than a reactive approach, so this means that planning how you will protect your business is essential.
Originally published March 2016
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
