On November 1st, 2018 the Digital Privacy Act changes.
Are you ready?
Every business has a legal requirement under the Digital Privacy Act to report data breaches.
This is linked to Cyber Risk, which can be insured.
- The Digital Privacy Act will impose automatic (Statutory) legal obligations, often costly, on all businesses requiring reporting of all data breaches.
- Cyber attacks are frequent, unpredictable and expensive. They can happen to any business, large or small at any time
- Insure your Regulatory/Legal and Business Cyber Risk fully
- In the event of a material data breach, businesses are required to notify affected individuals and The Privacy Commissioner.
- Businesses of all sizes are required to report data breaches
- All organizations are vulnerable: 62 percent of security breaches occur in small to mid-sized businesses.
- Failure to comply can mean penalties of up to $100,000 per offence.
Cyber breaches impact all businesses. In fact, 62% of breaches were small business.
How breaches occur
- Worldwide exposure (data, customers, sales, privacy laws by country, etc.)
- Lost/stolen Devices: laptops, phones, thumb drives.
- Employee Error
- Unauthorized network access via supply chain networks, business partner networks
- Customer and Employee data
- Digital and non-electronic records
- Malicious or criminal activity
- Rogue Employees
What are examples of small business data breaches?
Symantec Internet Security Threat Report
- An employee of a medical office lost a computer thumb drive containing 1,200 files.
- Theft of a computer from an accountant’s office exposed tax records of 800 clients
- Denial of service
- Viruses erasing entire systems
- Intruders breaking into systems and altering files
- Healthcare and professional services were the most breached sectors
Basic business activities such as taking credit card payments, collecting employee records, launching a website or sending an email can expose organizations to a potential privacy breach.
Canada Cyber Facts:*
All organizations are vulnerable:
- 62% of security breaches occur in small to mid- sized businesses
- $6.11M Average Cost of data breach in Canada
- $1.2M Average cost of data breach in Canada for small to medium businesses
- $255 per record cost in Canada
- #3 Canada ranks in cyber incidents worldwide**
Causes of Cyber Breach in Canada***
- 48% Malicious or Criminal Activity
- 25% System Glitches
- 27% Human Error
Don’t Equate Small with Safe
- The majority of Canadian small businesses lack a formal Internet security policy for employees, and only about half have cyber security measures in place.
- This disconnect is largely due to the widespread, albeit mistaken, belief that small businesses are unlikely targets for cyber attacks. In reality, data thieves are simply looking for the path of least resistance. Symantec’s study found that 40 per cent of attacks are against organizations with fewer than 500 employees.
Attacks Could Destroy Your Business
- 60% of the small businesses victimized by a cyber attack permanently close their doors within six months
- Typically, commercial property and liability policies may not cover data breach costs.
Cyber coverage can include:
- Worldwide Coverage
- Crisis Management
- Data breach coverage & Notification Expenses
- Business Interruption Loss
- Cyber Extortion Defense
- Forensic Review
- IT support
- Legal support/Breach Coach
- Identity Fraud Alert Services
- KRG breach information
- Digital Privacy Act
- Cyber security for small business
- Are you Prepared?
- Cyber Risk Exposure scorecard