Wave of Hacker Attacks Sparks New Corporate Security Warning

LONDON, Feb. 24 /PRNewswire/ -- A new wave of hacker attacks is breaching corporate and outsourced information systems with one information security firm recently detailing coordinated hacker attacks on 2,400 companies and government agencies during the past 18 months.  The hacker attacks create headaches and potential liabilities for corporate risk managers by exposing vast amounts of personal and corporate secrets to cyber thieves.

(Logo:  http://www.newscom.com/cgi-bin/prnh/20090415/CG99351LOGO)

Lockton, the world's largest insurance broker, warns risk managers to prepare by taking an enterprise risk management approach.  Risk managers can prevent cyber thieves from harming systems, data and reputations using the approaches noted in a new industry report from the insurance broker, "What should you do to prevent cyber thieves?"

"This is not just an IT security issue, rather an enterprise risk management issue that involves not only IT, but also the risk manager, legal department, compliance, internal audit, procurement, and operations," says Emily Freeman, head of Lockton's Technology, Media and Telecommunications practice in London.

Freeman adds that, "Many corporate executives mistakenly believe that by outsourcing the work to vendors, they have also transferred the liability that may arise from a data breach or system failure. Unfortunately, that is not the case.  The legal and regulatory liability primarily remains with the data owner."

Lockton's cyber theft report offers additional recommendations to prevent breaches and to minimize the damage when they happen in the report, including:

• Focus on people and processes, not just technology aspects of security controls.  Physical security and technology tools are an excellent part of a comprehensive approach, but focus as well on people and processes failures and potential for malicious acts.
• Manage your high risk vendors.  Identify all your high risk vendors for security and privacy risks, including credit card processors.  Ensure that they are in compliance with industry standards or PCI if applicable.  Include strong indemnity/insurance requirements for data risks in your vendor contract.
• Test your controls and fix vulnerabilities continuously.  You cannot prevent criminals from trying to break in, but testing and controls, especially with the assistance of outside security firms, can contain or minimize incidents and prevent breaches.

Freeman concludes in the report on information security breaches, "Companies must protect themselves as the ultimate responsibility lies with the data owner and there is the very real possibility that the vendor could commit a breach in security that could overwhelm them and their available insurance limits."

About Lockton

More than 3,800 professionals at Lockton provide more than 15,000 clients around the world with insurance, benefits, surety and risk management services, offering an uncommon level of client service. From its founding in 1966 in Kansas City, Missouri, USA, Lockton has grown to become the largest privately held insurance broker in the world and 10th largest overall. Business Insurance has recognized Lockton as a "Best Place to Work in Insurance." You can learn more at www.lockton.com.

SOURCE Lockton

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

440k+
Newsrooms &
Influencers

9k+
Digital Media
Outlets

270k+
Journalists
Opted In

GET STARTED