I love a good spy story—Espionage, conspiracy, international trade and government drama … it’s all so exciting! But, in real life the most dangerous versions of these can seem mundane on the surface. Perhaps that’s why agents—insurance agents, not secret agents—have been so slow to do for themselves what they should also be recommending to clients when it comes to cyber coverage.

I’ve been talking with fellow agents about covering cyber liability, and while they extol the importance of it, and even decry the difficulty of convincing their own clients of its necessity, many agents have a reckless attitude about their own business’ need for protection.

Even this week, when U.S. security officials announced the indictment of Chinese military officials on hacking charges, warning our domestic corporations that these hackers have made no reduction in efforts to break into U.S. networks, many businesses—insurance agencies included—blindly (or worse, willingly) disregard repeated warnings that they are in danger’s way.

Though China and other countries officially deny any such activity, the U.S. Justice Department continues to charge that hacking attempts are increasing, evidenced by the announcement earlier in the spring that Chinese military hacked the systems of U.S. companies to steal trade secrets.

Asked whether attempts to hack into U.S. networks that originate in China had slowed, Reuters reported one U.S. official has said: “They have been very active and this hasn’t changed a bit.”

…This stuff sounds like it comes directly out of an Ian Fleming novel! But it’s not, and it’s beyond me why any agent, who assesses and covers risks for a living would not make sure his or her own business isn’t protected adequately. The cost of a cyber breach to your business could be extreme. As insurance agents, we are trusted with storing private client data such as driver’s licenses, birthdates, addresses, credit history and more. The bottom line is, we are responsible for protecting our clients’ data, and we are liable if it is compromised. Are you prepared to comply with complex breach notice laws? Can you bring your system back into operation securely and defend your business in a network security lawsuit? In today’s technology-driven world, the risks associated with doing business online and storing sensitive customer data electronically have never been greater. Cyber risk is increasing and data breaches now affect hundreds of millions of records a year.

The threat to agencies as they handle their clients’ information is only going to increase and it doesn’t matter how big or small your business is; you are at risk. How can we rightfully tell our clients they need this coverage if we don’t get if for ourselves?

The most perplexing part about this is that I know protection for agencies exists. PIA offers cyber liability coverage for insurance agencies, which includes breach-ofprivacy coverage; covers damages resulting from alleged violations of HIPPA, state, federal and foreign privacy protection rules; customer breach notice expense and coverage, and more.

I hate to harp on it but I find this a big liability; perhaps the biggest that we have out there. Eventually, this coverage will become more popular. Unfortunately, it will come at the cost of an agency that suffers a horror story. When that happens, everyone will jump on board. Imagine being the one agent who doesn’t have cyber coverage only to become the cautionary tale that motivates all others to protect themselves…

In the meantime, you don’t want to be that one agent – it’s not what it’s cracked up to be.[IA]

Being 007 Ain’t What It’s Cracked Up to Be

Insurance Advocate