March 2, 2015
Just when you thought it was safe to assume that cybersecurity breaches took a serious, but at least predictable path, along comes the Sony Pictures breach. This type of breach would seem to underscore virtually every concern a risk manager could have about the perils of data security. It is also safe to say that most are hoping that this sort of breach is not the new normal. Any breach that imperils or implicates (almost simultaneously) proprietary and intellectual property, employee personal information, sensitive management communications, reputation/goodwill, extortion, threats of bodily injury, and business income is “bad news.” If hackers are now going to open up the playing field of targeted data beyond just the usual targets of customer credit card numbers, addresses and health-related data, then risk managers are going to need to re-prioritize certain protections (including insurance protection) that used to be a lot lower down on the to-do list.