Skip to content

Travelers’ Cyber Risk Pressure Test

Risk_ControlPut your data and network security to the test.

What if your business was the victim of one of the 41,000 known computer security incidents per day in the U.S.?* In addition to knowledge about cyber insurance coverage options, you’re likely to be looking d for helpful, cost-effective cyber risk management resources.

When it comes to cyber risk, there is a lot at stake: data, reputation and a company’s bottom line. And every business, no matter the size or industry, is at risk of becoming a victim of an accidental or malicious compromise. This brief interactive quiz, which is mobile enabled, is designed to assist you, the business owner, to quickly evaluate and identity pressure points in your cyber risk management strategy.

Managing cyber risk is not a one-and-done process. Over time, your business may grow and change. Your data may represent new categories of information. Your technology hardware and software may be updated or replaced. Your workforce — both the people who use your data and the team responsible for protecting it — may change. And as technology itself evolves, so do the risks associated with it. Complacency can leave your data, your customers, your bottom line and your reputation vulnerable. Failure to address the risk often results in lost revenue, potential liability and high recovery costs. Implementing, maintaining and enforcing procedural and technological controls to protect your critical data and systems are key to the success of your cyber security strategy.

If you answer to any of these questions “yes

[list icon=”thumbs-up”]

  • Does your company allow employees to remotely access your company network with mobile devices such as laptops, smartphones, tablets, etc.?
  • Has your company hired vendors that have access to the information for which you are responsible or legally obligated to protect?
  • Do your company’s service providers or contractors have on-site or remote access to your network?
  • Has your company completed an inventory of all IT equipment and applications, and assigned a person to be responsible for maintaining these systems (anti-virus upgrades, software patches, strong passwords, etc.)?
  • Has your company inventoried and classified the types of information it collects, processes, maintains or transmits, and do you restrict access to sensitive data, such as financial, medical or other personally identifiable information (PII)?
  • Do any regulatory standards such as HITECH, HIPAA, or PCI DSS, apply to your company?

[/list]

… and any of these questions “no” …

[list icon=”thumbs-down”]

  • Does your company have a protocol or individual identified to check network monitoring and logging devices?
  • Is all sensitive information your company would collect, process, maintain or transmit encrypted?
  • Does your company isolate customer information databases and payment/point-of-sale systems from other, less secure systems?
  • Does your company have a process in place to ensure all antivirus protection, software updates/patches and equipment security settings are properly installed in a timely manner?
  • In the event of a network interruption, does the company have a backup procedure in place to keep the network up and running?
  • Does your company limit access of sensitive information to authorized personnel, and have access revocation procedures in place for terminated employees?
  • Does your company train employees in the proper use of email, Internet and social media accounts, strong password creation, and other security and incident response policies and procedures?
  • Do contracts with all third-party service providers and contractors clearly specify their responsibility to safeguard sensitive information, while limiting their access to and use of this sensitive information commensurate with assigned tasks?

[/list]

… than you must put your data and network security to the test! Est. completion time: 5 minutes


Cyber_Risk_Pressure_Test
Managing cyber risk is not a one-and-done process. Over time, your business may grow and change. Your data may represent new categories of information. Your technology hardware and software may be updated or replaced. Your workforce — both the people who use your data and the team responsible for protecting it — may change. And as technology itself evolves, so do the risks associated with it. Complacency can leave your data, your customers, your bottom line and your reputation vulnerable. Failure to address the risk often results in lost revenue, potential liability and high recovery costs. Implementing, maintaining and enforcing procedural and technological controls to protect your critical data and systems are key to the success of your cyber security strategy.

Cyber crime has become increasingly frequent, complex and costly. In the wake of an event, would you know who to call, how to react, or what to tell your employees, customers and media? Could your organization handle the potential financial and reputational impact of a lawsuit? What could your company be doing to better manage the risk? Get cyber liability insurance! Most small business can have cyber liability coverage embedded into general liability. For larger businesses or for those who are looking to get ultimate coverage apply for custom cyber liability insurance.

Tags: