Indian Wells, Calif. - "For many financial institutions, a network security breach involving the release of confidential customer information is not a matter of if, but when," cautioned Tracey Vispoli, vice president, Chubb & Son, during the 2006 American Bankers Association Insurance Risk Management Annual Conference. "It's time for financial institutions to further tighten their data security controls and to prepare for the potentially significant financial cost of this risk."Vispoli, the global fidelity manager for Chubb Specialty Insurance, explained that new laws in nearly half the states require companies to disclose security breaches to their customers residing in those states. "Network security breaches expose companies to class-action lawsuits as well as irreversible damage to the corporate brand," she said. "The new state laws add another layer of responsibility and cost by mandating that companies notify customers of actual or suspected security breaches."
Financial institutions are especially vulnerable to an increasing number of security breaches, said Vispoli. The 2005 White & Case National Survey on Data Security Breach concludes that banks and credit card companies are the top two targets of security breaches. According to a San Diego-based consumer rights group, Privacy Rights Clearinghouse, more than 51 million Americans have had their personal data breached in more than 95 incidents since February 2005. A conservative estimate of notification costs is $30 per customer, according to Vispoli.
"While media headlines inform us of high-profile network security breaches, financial institutions of all sizes - from a community bank to a multinational asset management firm - are at risk," said Vispoli. "Clearly, the costs can quickly escalate if a financial institution or its third-party vendor has to or chooses to inform its customers of the theft of confidential personal information. Companies that do a poor job of customer notification risk losing valuable business, damaging their reputations and becoming the targets of class-action liability lawsuits. Chubb provides a unique solution to this potentially huge exposure."
Chubb offers CyberSecurity, insurance that addresses a financial institution's e-commerce crime-related exposures. Vispoli announced enhancements to the CyberSecurity product.
Source: Chubb & Son
