In November 2014 Sony Pictures experienced a debilitating cyber-attack, one which many experts believe was perpetrated by the North Korean’s. While most small businesses are unlikely to incur the wrath of Kim Jong-Un, any business with a computer or mobile device, i.e., nearly every business, is potentially vulnerable to cybercrime of one kind or another.
The stakes are high. An enterprising hacker could hold your computer records hostage for ransom, and literally shut down your business if you do not pay.Even worse is a hacker who steals and sells your customers’ personal information—an event which would, in some circumstances, require you to notify everyone whose records were stolen that their confidential information is floating in the wind. The cost of sending all the notifications could be enormous by itself, not to mention the legal liability and loss of business goodwill.
What can a business owner do other than wring her hands? Here are three important steps:
(1) Have a professional set up and maintain your network. There is really no substitute for this. While even a professionally-maintained network can be hacked, (as Sony experienced firsthand, the job will be more difficult. Do not allow your network to be the “low-hanging fruit” for hackers to pillage. And, even if you are successfully hacked, the fact that you hired a professional to set up and maintain your system will help reduce your potential liability. In legal terms, hiring a professional demonstrates that you acted as a “reasonable prudent business owner “should.
(3) Get cyber insurance. Many insurers offer cyber insurance coverage to protect business owners from the risk of cyber-related loss. A good cyber policy will do all of the following: (A) provide a legal defense if you are sued on account an internet-related issue. This is critical—even if you win, the costs of litigation are enormous. (B) Pay any damages if you are held liable, up to the policy limits. (C) Cover any losses you incur, such as the cost of notifying your customers of a breach, and the loss of income your business may suffer while you recover from a cyber-attack. Be sure to ask your insurance agent about cyber coverage. If you do not have an insurance agent, find one!
This is just a basic overview and is not legal advice specific to your situation. If you would like to speak with Jonathan about your situation, please email him at email@example.com or call him at 925-217-3255.