By now we are all aware of the Black Friday attack on retailer Target stores which cost credit unions and community banks over $200 million, not including Target's costs or its customers' expenses. While Target may be the poster child of the epidemic of cybercrime, it is not the lone victim (In fact, Target's data breach, which affected 70 million customers, is not even the largest retail data breach to date).

According to PricewaterhouseCoopers' 2014 Global Economic Crime Survey, one in four respondents reported having experienced a cybercrime, 11% of which suffered financial losses of more than $1 million. Moreover, a recent report from the Center for Strategic and International Security states cybercrime cost the global economy $400 billion in 2013—$100 billion in the United States. 

It is no surprise then that 85% of corporate executives surveyed by AIG in 2013 identified cyber risks as their biggest concern to profitability. However, less than a third of companies hold cyber liability insurance policies. Is your industry at risk? 

PricewaterhouseCoopers' U.S. Cybercrime: Rising Risks, Reduced Readiness report includes results from the 2014 U.S. State of CybercrimeSurvey. The survey's results are the combined efforts of cyber-security leaders from PricewaterhouseCoopers, CSOmagazine, the CERT Division of the Software Engineering Institute atCarnegie Mellon University, the United States Secret Service, 500 executives of U.S. businesses, law enforcement services and government agencies. 

The survey reveals the following significant incidents in 2013 to the banking and finance, healthcare, and insurance industries: 

 

Banking & Finance

No incidents – 20%

Identify theft – 20%

Customer records compromised or stolen – 23%

Financial losses – 23%

Denial of service attacks – 29%

Financial fraud – 36%

 

Healthcare

Theft of electronic medical data – 15%

Customer records compromised or stolen – 19%

Financial losses – 19%

Email or other applications unavailable – 22%

Private or sensitive data unintentionally exposed – 22%

No incidents – 30%

 

Insurance

Confidential records (trade secrets or IP) compromised or stolen – 19%

Customer records compromised or stolen – 19%

Financial fraud – 19%

Unauthorized access/use of data, systems, networks –19%

Financial losses – 29%

No incidents – 38%

Finally, the survey found that the average number of security incidents detected in 2013 was 135 per organization. This does not account for incidents that go undetected. Last year 3,000 companies were unaware of cyber intrusions until notified by the FBI. 

The warning is clear: any company processing the personal information of another is a target for cybercrime regardless of its size or industry. However, like retail, the banking and finance, healthcare, and insurance industries are especially rich targets because they obtain a wealth of personal information about their customers. Therefore, companies wanting to protect their money and their credit need to have a data breach response plan in place before it becomes necessary. As they say, "the best offense is a good defense."

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
NOT FOR REPRINT

© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.