Small Companies Ignore Data Breach Potential

Most small private companies ignore the risk of data breach, despite serious concerns over the financial consequences of a breach, according to a just-released survey from Chubb.

Some 92 percent of executives surveyed did not believe it likely that they would endure an electronic breach of confidential customer information that would require them to comply with costly notification laws in more than 40 states.

What’s more, most (67 percent) of the companies in Chubb’s survey do not have an incident response plan for an electronic security breach.

Yet a breach of electronically-stored private customer data was seen as the third most financially damaging event a company could experience, according to the survey.

The findings come as a list compiled by the Privacy Rights Clearinghouse shows that more than 500 million sensitive records, such as personal medical records, credit card  and social security numbers,  Ã‚  have been compromised due to data breaches  in the U.S. since 2005. And the Clearinghouse says this is only a fraction of the total number of breaches.

Ahead of data breaches, an employment practices lawsuit followed by employee theft were the most financially damaging events a company could experience, according to Chubb’s survey.

Nearly one in five (16 percent) of those surveyed expect an EPL charge would be lodged against their firm in the next 12 months.

Meanwhile, 54 percent expect their employees would steal company funds, equipment, inventory or merchandise in the next year. Just 30 percent of companies have experienced such thefts in the past five years.

The Chubb Private Company Risk Survey interviewed decision makers at 451 U.S. for-profit companies, more than 90 percent of which had annual revenues of less than $25 million.

Check out I.I.I. information on identity theft  and the I.I.I. small businessowners’ guide to insurance.

Leave a Reply

Your email address will not be published. Required fields are marked *