Cyber attacks can be very costly for managers: in addition to losing their job, they risk paying for the damage to the company out of their own pocket.
Let’s see how Directors and Officers insurance protects administrators, managers and CFOs against these risks.
These managers have been removed after a cyber attack.
More than one manager has lost their job after underestimating cyber risk.
Here are a few examples.
The CEO of a very important Austrian industrial components manufacturer was fired with immediate effect after a computer fraud cost the company 42 million euros.
The CEO of a major American credit agency was removed due to a colossal theft of personal data of 154 million customers.
The top manager of a well-known record company was asked to leave: the violation of computer systems resulted in the loss of confidential information about upcoming music programmes and personal data of employees.
The president of a leading American retail company resigned due to the damage to his reputation and image caused by the theft of customer data.
Cyber risk: to each his own
Those who manage small and medium-sized companies must not be deceived.
You have to bear in mind that cyber attacks affect large corporations, on the contrary, middle and SMEs are the favourite target of hackers, as amply documented in this graph and in this article.
Said that, what happens if a disloyal employee steals confidential information? What if a cyber attack shuts down production machinery?
In such cases the consequences directly affect:
1. the company, which suffers direct and financial damage such as, for example:
- production stoppage,
- tampering with a product,
- the theft of data relating to an industrial patent,
- loss of customers and reputation.
2. the manager, whose relationship of trust with the company is seriously called into question.
Now, with reference to the first point, cyber insuranxe may be a good solution: the multiple coverages of this business insurance are listed at the bottom of this article.
As for the specific position of the manager, let’s first ask ourselves these questions:
- How much is the loss of sensitive information and reputation worth to a company?
- How much does it cost to restore hardware and software?
- How much could the legal fees be to resolve disputes with injured parties?
- A product damaged in the design phase, what damage could it cause to third parties?
- A possible negative media campaign on the web, what unexpected expenses would it entail?
A single cyber attack can have serious repercussions on business plans, company mergers, customer service, production blockages, just to name a few.
This is why the company director runs the following risks:
1. losing his job (we have seen the most striking cases above),
2. pay compensation from their personal assets, for not having taken all the appropriate measures to prevent a cyber attack and manage its impact on the company.
Don’t open that email! Here are 3 real cases of risks to avoid absolutely.
Let’s suppose that an employee has not been sufficiently trained to recognise fraud via email and, in good faith, transfers a large sum of money into the wrong hands.
Another exemple: a manager who loses the USB stick and the sensitive data it contains.
A cyber attack affects the computers that govern the correct functioning of our production lines and our product, completely tampered with, is contested by our customers.
Well, the company, in cases like these, could make up for the damage suffered on the manager who didn’t pay enough attention or acted carelessly, knocking on his door and presenting the bill.
How can CFOs and managers insure themselves against these risks?
‘One is always responsible for what one could not avoid’, warned Jean-Paul Sartre.
Those who manage a company are required to protect and safeguard the interests of the company they work for.
Ignoring the consequences of a cyber attack (just think of how much company information passes through social networks, blogs, applications and smartphones) means exposing the company to risks, including those to its reputation, that were unthinkable until recently.
No policy will give us back the job we have lost. However, there are insurance solutions to protect the personal assets of managers in the event of liability actions by the company.
The range of risks faced by directors is increasing: we suggest that those who manage a company seek the advice of professionals in the sector and verify the appropriate insurance coverage to protect both the company and the management.