Businesses Not Prepared for E-Risks.Many large U.S. companies are not prepared to handle e-commerce and e-communication risks, a new survey reveals. The survey, conducted by the Human Resource Institute of Eckerd College Eckerd College is a private 4-year coeducational liberal arts college at the southernmost tip of St. Petersburg, Florida, in the Tampa Bay metropolitan area. The college is accredited by the Southern Association of Colleges and Schools. on behalf of Assurex International, a commercial insurance brokerage group headquartered in Columbus, Ohio Columbus is the capital and the largest city of the American state of Ohio. Named for explorer Christopher Columbus, the city was founded in 1812 at the confluence of the Scioto and Olentangy rivers, and assumed the functions of state capital in 1816. , found that few companies have implemented the type of comprehensive risk management program that can limit electronic exposures and reduce e-liability. The survey included CFOs, risk managers, and some HR managers from about 90 Fortune 500 companies and 10 professional associations. The survey reveals that many employers are doing a good job with basic risk prevention: installing monitoring, filtering, and anti-virus software anti-virus software n → Antivirensoftware f ; adding firewalls and encryption programs; and educating employees about hackers. Few businesses, however, have purchased e-insurance products to mitigate risks and reduce liability costs after e-disaster strikes. "Those people who have any exposure to e-commerce and even those people who are heavy users of the Internet, ought to develop a combined strategy of technical solutions and insurance analysis that would involve both the technical staff of a company and their insurance experts as well," says Thomas W. Harvey Thomas Watson Harvey (November 27, 1893 - June 27, 1978) was President-General of the Universal Negro Improvement Association and African Communities League (UNIA) from 1956 to 1978. , president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Assurex. "Our survey shows that people are doing a reasonably good job on the technical side, but are not well-covered on the insurance side," he says. "That doesn't mean that insurance is the answer; it just means that insurance is part of the solution. That's what that we were surprised at--the lack of adoption of not only these newer policies, but even things like D&O and EPO EPO see erythropoietin. EPO Erythropoietin, see there insurance." The insurance aspect is especially significant given that FBI statistics indicate that computer losses can be as much as $10 billion a year. Some of the specific findings of the survey: * 21 percent of those surveyed said their computer systems have been hacked by outsiders; * 15 percent reported hacker attacks that resulted in business interruptions lasting two hours to two days; * 73 percent are concerned enough about hackers to implement employee education programs; and * 24 percent have business interruption insurance Noun 1. business interruption insurance - insurance that provides protection for the loss of profits and continuing fixed expenses resulting from a break in commercial activities due to the occurrence of a peril policies--18 percent have crime loss insurance, 13 percent have unauthorized access, unauthorized use insurance, and only 6 percent have crisis communications Crisis communications are generally considered a sub-specialty of the public relations profession that is designed to protect and defend an individual, company, or organization facing a public challenge to its reputation. insurance to cover PR costs following e-disasters. All this data begs the question, why aren't companies buying insurance policies that can protect them from e-commerce and internal e-mail risk and liability? Harvey gives two reasons: One is that some companies' insurance advisors may not have people on their staff who are familiar with the insurance policies that are out there. The other, he says, is the high pricing--a result of a lack of actuarial ac·tu·ar·y n. pl. ac·tu·ar·ies A statistician who computes insurance risks and premiums. [Latin data. But even with the potential roadblocks and detriments to buying e-commerce policies, Harvey notes that it is important that companies not underestimate their importance. "If you think about the Melissa virus A Word macro virus that was unleashed in the spring of 1999. It sent an e-mail message with a list of pornographic Web sites to the first 50 names in the user's Microsoft Outlook address book. , this was not created by a gang of renegade, Ph.D. computer software people in some secret hideaway with two massive Cray computers The Colorado Springs-based supercomputer company founded in 1989 by Seymour Cray after he left Cray Research. Cray developed the Cray-3, an incredibly fast gallium arsenide-based computer that ran at a 1 GHz clock rate. scheming to bring American commerce to its knees. This was two, as I understand it, college students with a PC at an apartment. "This is a silent catastrophe. We go through a lot of trouble to buy wind storm, flood, hurricane, and tornado protection, but this can happen in an instant, and all of a sudden...it's a fiasco." Harvey suggests performing an analysis of whether your business can survive the costs of exposed liability and hacker attacks. "Should everyone have anti-virus insurance? Absolutely not. But if you're in a business where you could have your communication portfolio shut down--say, a bank--you have to ask, what are the costs of having your system crippled for one hour, one day, or one week? The technical people with the knowledgeable insurance individuals should sit down and ask what's the risk? What's the downside?" |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion