In February, New York governor Andrew Cuomo announced comprehensive cybersecurity regulations for the financial services industry in his state that took effect March 1.
The process initiating those regulations had started almost three years before, after significant data breaches occurred, affecting tens of millions of consumers and causing major financial losses for the companies they didbusiness with (including Target, Home Depot, Anthem and others).
The regulations apply to banks operating within the state, including foreign banks licensed to operate there and state-chartered banks; they also apply to any insurer doing business in New York.
Said Manhattan district attorney Cyrus Vance, Jr. of the new regulations: “ I know that defeating cybercrime requires not only prosecuting it, but taking necessary actions to prevent it.”
That begs the question, what, as individuals, should we be doing to prevent cybercrime in our own lives? And what resources are available to us should we become the victim of cybercrime?
For the typical high net worth client, a lot is at stake. Abundant financial resources and public exposure can make these people a target. Not to mention that their exposure is amplified by, among other things, the “smart home” features they often own that are designed to make managing their lives and households easier.
The importance of cybersecurity on an individual level has come to the forefront of the insurance industry.
Smartphones now enable homeowners to monitor not only their home security, but also everything from their HVAC systems to the contents of their kitchen fridge.
For homeowners buying these technology-equipped devices, then, the most important step to be taken is to ask questions. Buyers need to understand the capabilities of their devices so as to better assess their vulnerabilities, and address them up-front.
If these devices connect through a home wifi network, it’s important to make sure the factory default password on the router has been changed, and that it is changed on a regular basis. This action might not seem impactful,but the October 2016 cyberattack that crippled websites across the internet was traced back to devices that still had their factory-default credentials.
If these devices could be that easily hacked as a “way in” for malicious software, how safe would your personal information be on a home network?
Additional best practices, as provided by AIG and K2 Intelligence, include:
• Use complex passwords, eight to 15 characters long, and update them regularly.
• Do not duplicate passwords for different sites and applications.
• Always update operating systems when one is available. This ensures that the latest security updates and patches are applied.
• Never click on links or open attachments from senders you do not know. (And if you do know the sender but question the validity of the e-mail, reach out to the person independently to verify.)
The importance of cybersecurity on an individual level has come to the forefront of the insurance industry. Carriers, specifically those catering to the needs of the high net worth client, are investing in and researching ways to help protect their clients. New programs are being released that provide coverage for damages resulting from a cyber attack, and resources to prevent a cyber attack from happening in the first place.
One such program, AIG’s Family Cyber-Edge, offers clients monetary coverage for expenses incurred to restore data, terminate a cyber extortion threat, hire a professional crisis-management firm for reputation restoration and provide coverage for psychiatric services and other related expenses when a member of the insured family is the victim of cyberbullying.
A call to a well-informed insurance broker to help determine a family’s or individual’s needs is the first step in finding the best coverage options and resources available.
This article was originally published in the May–July 2017 issue of Worth.