Contrary to popular belief, Fortune 500 companies are not the only ones concerned with cybersecurity. Over the last few years, public entities have experienced numerous intentional cyber attacks.
For instance, the City College of San Francisco discovered a computer virus had attached itself to its server and went undetected for 10 years, exposing personal information of as many as 100,000 students and faculty members. Just this spring, CNBC recently reported a sobering story about European hackers who blackmailed police departments across the U.S. with “ransomware,” viruses that encrypt and take system files hostage until the victim pays a ransom to unlock the system.
Data by the minute
Here’s a breakdown of just how much data is generated every minute:
- 3.5 million text messages sent in the U.S. alone
- 99,206 requests answered by Siri
- 69,500,000 words translated by Google
- 9,678 emoji-filled tweets on Twitter
These experiences indicate that no one is immune to cyber threats and data breaches. Just like for-profit corporations, public sector institutions are impacted financially, operationally, and legally–not to mention the residual reputational damage suffered upon news of the breach getting out. Network security is no longer a technological issue we can pass to the IT department; instead, it has become an enterprise-wide risk management concern.
What, then, can your organization do to better protect itself? Here are a few things to keep in mind:
- Buying new equipment or software is not always the answer to the problem.
- A strong intrusion detection system is great for external attacks, but internal physical or personnel controls are also necessary to prevent an accidental or intentional data breach from within.
- It is imperative for every organization to complete a full risk assessment to determine vulnerabilities and their level of exposure. In addition to identifying exposures and implementing controls, this risk assessment will allow you to allocate financial resources where they are needed most.
Trident Can Help
Keeping up with cyber security threats can be exhausting, and chasing trends (guarding against a named threat) costly. But not protecting your organization against cyber breaches can cost a lot more. Check out the following tools we have created to help you safeguard your organization.
If you have any questions about your own organization’s practices or need advice about how to make your cyber security measures more robust, contact Trident Public Risk Solutions’ Risk Control team by submitting your question to Ask the Risk Manager.
About the Author
Frank Mazzagatti, Risk Control Consultant, brings more than eight years’ experience in insurance in the areas of risk control, underwriting and business development. He achieved the Associate in Risk Management (ARM) designation and the Risk Assessment certification from the American Society of Safety Engineers. Frank holds a BA in Business Management from Our Lady of the Lake University.
Learn how Trident Public Risk Solutions has public entities covered when it comes to risk management at www.argolimited.com/trident.
For more timely articles and insights into public entity risk, follow us on LinkedIn.
Website links referenced within the content of this document may lead to other sites that Trident Insurance Service, LLC (“Trident”) believes may be useful or informative. These links to third-party sites or information are not intended as, and should not be interpreted by you as, constituting or implying Trident’s endorsement, sponsorship or recommendation of the third-party information, products or services found there. Trident does not maintain or control these sites and accordingly makes no guarantee concerning the accuracy, reliability or currency of the information appearing on such sites.
The insurance policies, not this descriptive article, form the contract between the insured and the insurance company. The policies contain limits, exclusions and conditions that are not listed in this article. All coverages are subject to individual underwriting judgments and to state legal and regulatory requirements. This article is provided for informational purposes only and does not constitute legal advice. Policies for this program are issued by one or more insurance companies of Argo Group International Holdings Ltd. Trident is a registered service mark of Argo Group International Holdings Ltd.