New Threats in the 21st Century

New Threats in the 21st Century

It was dramatic to watch the chief executives of Target and Neiman Marcus testify this month in front of the Senate Judiciary Committee about recent data hackings at their stores during the holiday season. But as I caught parts of the hearings, I wondered if the size of these problems and the companies involved kept agents from being able to envision their own agency being hacked.

We all take things for granted. I remember several years ago, when a major insurance carrier, in its esteemed wisdom, decided to use insureds’ Social Security numbers as their policy numbers. I was among the agents who objected to this practice, but it fell on deaf ears. Our insureds felt uncomfortable and insisted that we move their policies to other companies because they didn’t want their information exposed. Perhaps other agents did what I did, because after a period of time, the carrier changed its policy and changed the way it identifies insureds. That was one of the worst violations of privacy I’ve ever seen in our industry and I’ve often wondered if any agents had legal problems as a result of it.

Our world is becoming a minefield of data security dangers. And, agents should take a look at their own office, and their own insurance coverage, to make sure they and their customers’ information is protected. It’s not difficult to find unprotected data in your office—just look around. For example, we all have copiers and fax machines and as the time goes by, we purchase new equipment. Do we wonder what happens to these old machines? When I was leasing a copy machine, I asked the rep. what the company does with them and he told me they are either shipped overseas or simply reused. They are rarely destroyed. These machines have memory chips, and I wonder who could access all of the client information, such as dates of birth and Social Security numbers and policy information we copy or scan into our systems if they were to fall into the wrong hands. How many times have we used our copier machines to copy our own personal information such as taxes, mortgage information and stock certificates? If this machine were to be refurbished overseas, where we have seen high hacker activity, an agent could be faced with serious problems. Even bigger, if the agency’s customers’ information were breached.

A couple of months ago, I stopped at a fellow agent and friend’s office. When I walked into his building (which he owns) I happened to see boxes of files sitting at the curb. I asked what they were doing there and he said they were old files he was throwing away. I looked at him with disbelief, and told him he was endangering himself and his customers. Amazingly, my friend was unaware of shredding services that can come to his office to take care of this disposal in a secure way. Agents, who don’t have a regular shredding program, should set one up. These services have shredding bins that look like a piece of furniture in your office and they will send shredding trucks to your location and make sure information is secured and destroyed properly.

These days, all agents have some type of management system—do you know what protections your system administrator has in place to protect the information being put through it? Your management system IT team may tell you it has the best process to protect information—but consider what happened at Target.

I have another agent friend whose agency’s data was hacked. The hacker contacted him, threatening that if he didn’t pay the thief, he would sell his clients’ information. Some hackers encrypt the owner’s data and hold it hostage until a ransom is paid— known as the CryptoLocker threat. This type of extortion is surely going to grow. There are coverages for agencies to deal with potential data breach issues.

Unfortunately, we agents are often like the shoemaker, whose children have no shoes. For scenarios discussed above, I know PIA offers members coverage for first-party expenses as well as third-party coverage for privacy and network security breaches. There is even an option to cover damages incurred by employees who misuse personal information obtained from your computer and office files.

I know no agent wants to imagine the scenarios above. We’d like to think we can trust our employees, many of whom we consider family. But, as agents, we know such situations can, and have, surfaced. We see more and more are unthinkable cyber threats in the news every day: cyber-terrorism and extortion; even slander and liable have new homes in social media. We should all learn a lesson from Target and Neiman Marcus: Get your cyber-coverage today. Remember: No agency is too small to be a “Target.”