Cybersecurity Awareness

Do You Know that October is Cybersecurity Awareness Month?

Of course you know.  Cybersecurity Awareness appears everywhere in October.  But, did you think about how it affects you?  Did you take action?  If not, here are a few reasons you should think about Cybersecurity and take action:

  • 43% of all cyberattacks are aimed at small business (Source: Small Business Trends)
  • 91% of attacks launch with a phishing email (Source: PhishMe Research)
  • 95% of data breaches have been attributed to human error (Source: Cybint Solutions)
  • Ransomware attacks are growing more than 350% annually (Source: Cisco)
  • IoT (Internet of Things) attacks were up by 600% in 2017 (Source: Symantec)
  • In most cases, it takes about 6 months to detect a data breach (Source: ZD Net)
  • The cost of a data breach can range anywhere from $120-600 per record (Source: Identity Theft Resource Center) – for a small company with 5,000 past, present, and prospective customers, this could total $600,000-$3,000,000

I know, it won’t happen to you.  Are you sure?

Top 5 Misconceptions:

  1. My data (or the data I have access to) isn’t valuable. Wrong – all data is valuable.
  2. Cybersecurity is a technology issue. Wrong – human error is the number one cause of data breaches.  Train your employees and establish clear policies.  Do not discount the importance of physical security.
  3. Cybersecurity requires a huge financial investment. Wrong – many efforts require little or no financial investment – establishing policies, training employees, enabling multi-factor authentication, restricting administrative and access privileges, etc.
  4. Outsourcing to a vendor washes your hands of liability during a cyber incident. Wrong – you have a legal and ethical responsibility to protect sensitive data.  If you received it you are responsible for it.
  5. Cyber breaches are covered by general liability insurance. Wrong – speak with your agent to understand your coverage and what type of policy would best fit your organization’s needs.

If you are still reading this, you are hopefully wondering if you are doing enough, if anything at all, to protect your data and systems.  Here are the steps as suggested by the National Cybersecurity Alliance (www.staysafeonline.org) to assess your organization:

Identify your vulnerable assets and systems

  • Computers, paper files, laptops, mobile devices

Protect your data and devices – build a culture of cybersecurity in your organization

  • Keep software current – use automatic updates
  • Use strong authentication and strong passphrases (not passwords)
  • Back up data on a regular basis
  • Limit access to data to employees who require it to perform the core duties of their jobs
  • Keep a clean machine – maintain clear guidelines restricting downloads
  • Make the call. If you are not absolutely sure the email, tweet, online ad, message, or attachments are safe, call the sender to verify or delete it.
  • Encourage your employees to report strange occurrences on their computers and devices.

Detect Incidents

  • The faster you know about an incident, the faster you can mitigate the impact and get back to normal operations.
  • Be suspicious.
  • Use cybersecurity products or services, for example antivirus and antimalware software.
  • Watch people, including your employees, and pay attention to suspicious behavior.
  • Train employees to know what incidents and attacks look like and that they need to be reported quickly.
  • Talk to others in your industry and reach out to local IT experts. The availability of cybersecurity tools and services is growing.

Finally, consider purchasing Cyber Insurance from a reputable insurance company.  Why?

At the very least, filling out the application will expose your weaknesses.  It serves as a self-assessment.

More importantly, from a prevention perspective, most companies provide guidance and resources such as risk management tools, training, and cyber best practices.  Some companies may also provide assistance with developing an incident response plan, information about and assistance with complex regulatory requirements, and security and privacy awareness training resources.

Most importantly, cyber liability insurance provides coverage in the event of a data breach or cyber event.  The list of coverages and limits available is extensive, making it possible to tailor a policy to fit your organization’s needs.  Be careful though.  With this flexibility comes a lack of standardization in forms, policy language, and pricing.  Choose to work with an insurance agent who has thoroughly researched the options, understands the coverages, and considers potential overlap with your other policies.

Scenarios

Company Profile:  Construction Company with offices nationwide (Borrowed from www.Travelers.com)

A national construction company used a third-party cloud service provider to store their customers’ personal information. The cloud provider suffered a major data breach, compromising the Personally Identifiable Information belonging to thousands of the construction company’s customers in several states. As the owner of the data, the construction company had a legal obligation to provide adequate and timely notice. The Attorneys General in several states instigated a regulatory investigation against the Company to determine whether they responded appropriately to the breach in accordance with various state laws. As the construction company did not have a document retention procedure and stored far more data than was required, the Company was obligated to notify over 10,000 past and present customers that their company’s data had been compromised. In addition, they had to pay defense costs associated with defending the regulatory investigation.

According to the NetDiligence® Data Breach Cost Calculator* the estimated costs for this event for the construction company could be:

  • $181,900 Estimated Incident Investigation Costs
  • $41,775 Estimated Customer Notification/Crisis Management Costs
  • $639,100 Estimated Defense & Settlement Costs
  • $862,775 Estimated Total Costs

An average event of this type could drive the average costs up to $1,860,000 for a business.

Risk Management Tips:

  • Know where confidential information is stored, whether internally or with a vendor.
  • Understand vendor’s network security controls and any contract language involving data liability.
  • Have a document retention procedure in place to only store information that is necessary.

*The NetDiligence® Data Breach Cost Calculator and other tools are available to insureds on the Travelers’ eRisk Hub®.

eRisk Hub is a registered trademark of NetDiligence.

RANSOMWARE ATTACK (Borrowed from www.thehartford.com)

Type of insured: Regional accounting firm

What happened: A ransomware attack blocked all access to the firm’s computer system while deleting files. After the firm paid the ransom, it took several days to restore its applications and recover deleted files from its backup.

What followed:

  • The firm was unable to meet tax filing deadlines
  • Brand and reputation damage

What could help: Incident Response Expenses, Cyber Extortion Loss, Network Restoration Expenses, Business Interruption

HR IMPOSTER (Borrowed from www.thehartford.com)

Type of insured: Law firm

What happened: A thief purporting to be the managing partner of the firm sent the HR payroll manager an email, requesting W2 forms of all 150 employees via PDF. Too late, the payroll manager realized the email address was spoofed.

What followed:

The law firm had to notify and provide credit and identity monitoring services to its employees in the wake of the incident.

What could help: Incident Response Expenses

CARPETBAGGERS (Borrowed from www.thehartford.com)

Type of insured: Carpet factory

What happened: Unknowingly, an employee clicked on an email attachment laced with CryptoWall malware. This led to a hack that paralyzed the company’s access to data and production files, with a demand for ransom. The company paid the ransom the next day.

What followed:

  • Production was halted and costs racked up
  • An external consultant was unable to clean up the network
  • Without up-to-date backups, the company lost data

What could help: Data Privacy and Network Security Liability, Incident Response Expenses, Cyber Extortion Loss, Network Restoration Expenses, Business Interruption

SIDEBAR:

What is Personally Identifiable Information (PII)?

  • Full name
  • National identification number (e.g., Social Security number)
  • Internet Protocol (IP) address
  • Vehicle registration plate number
  • Driver’s license number
  • Face, fingerprints, or handwriting
  • Credit card numbers
  • Digital identity
  • Date of birth
  • Birthplace
  • Genetic information