You’ve Just Been Hacked, Now What?

All professionals utilize computers in the workplace.  These devices are a must for providing professional services, meeting customer needs, marketing, billing functions and countless other tools available to professionals through the use of computer equipment.  Make no mistake, however, the very equipment that is so crucial to your business is under cyber-attack and is constantly at risk of a virus or hack.  Yet, inexplicably, 25% of all computers worldwide are not adequately protected.  Professionals cannot afford to be a victim of cyber-liability.

According to Microsoft, malware (“malicious software” programmed by hackers to disrupt or steal) remains a top concern, as computers without antivirus software are about five times more likely to be infected.  “People intuitively understand the importance of locking their front doors to prevent their homes from being broken into,” said Tim Rains, director, Trustworthy Computing, Microsoft. “Computer security is no different. Surfing the Internet without up-to-date Antivirus is like leaving your front door open to criminals.”

Moreover, liability associated with malware continues to increase as more employers allow the use of personal devices for work purposes.  According to recent research from Cisco, 89 percent of employers allow employees to utilize personal equipment in some form. This trend has provided numerous benefits, such as increased productivity, employee satisfaction and lower costs, but it can also lead to greater liability risk. Specifically, employers are hard-pressed to monitor the security settings of their employees’ personal computers. Should customer information be compromised in one of these instances, an employee and company could face a significant lawsuit.

For example, patient information at the University of Mississippi Medical Center was compromised when a laptop went missing earlier this year. An unknown number of patients had their medical records accessed. The medical center notified thousands of patients who visited the facility between 2008 and 2013 that their names, addresses, dates of birth, Social Security Numbers, medications, treatments and other clinical information could have been stolen. The University’s costs, and exposure, continue to rise as a result of this theft.

The remedy for this risk, according to Microsoft, is to utilize appropriate security settings and antivirus protection.  Professional Liability Matters would also add that all professionals should (a) update their computer use policy and (b) consult with their broker to ensure that they are adequately covered for cyber-liability exposure.