N@N

Leisure Industry Proves Irresistible Target for Cyber Pirates

^{Published on 2011-08-02 19:21:15 - Market Wire}
 

LONDON--([ BUSINESS WIRE ])--The vast quantities of personal, identifiable information collected by the leisure and hospitality industry has made it a chief target of cyber attacks, according to Willis Group Holdings (NYSE: WSH), the global insurance broker.

"Companies that hold substantial volumes of personal, identifiable data are irresistible to web-based pirates."

Willisa™ Cyber Risk Unitreports that cyber-related insurance claims have spiked by 56 per cent over the past year alone, with an increasing proportion of victims in the hospitality industry. Citing a recent survey, the [ Willis Summer 2011 Leisure Newsletter ] warns that hotels, resorts, tour companies, and other leisure and entertainment providers are increasingly vulnerable to hackers seeking to steal personal information. The Newsletter highlights the major risks posed by the deluge of personal data and explores actions companies can take to protect themselves against cyber crime.

The Ponemon Institute, a US-based information technology think tank, estimates that the costs of recovering from a cyber attack a"including costs associated with notifying customers and implementing credit monitoring software to help ensure victimsa™ credit records are not compromised by the misuse of stolen data -- typicallyrange anywhere between US$100,000 to US$1million. However, Willis warns that some of the largest breaches can cost in excess of US$100 million. More stringent data protection legislation coming into force will only further increase companiesa™ financial exposure to cyber crime, both in terms of liabilities to banks and individuals, to say nothing of the more difficult to quantify reputational damage such attacks can cause.

The main culprits of data breaches include rogue employees, malicious attacks, and innocent mistakes made by outsourcing firms employed to manage customer data.

Laurie Fraser, Global Markets Leisure Practice Leader for Willis said: aHackers are getting ever more sophisticated, penetrating firewallsto drain corporate databases of their customersa™ personal details, including credit-card numbers when not encrypted, medical histories and other personal information. This year has already seen at least three high profile cyber crime cases where security breaches triggered public outrage and panic over identity theft and fraud. The incidents badly bruised the reputations of popular consumer brands, as well as exposed firms to a host of increasedcosts as well as potential liabilities.a

Jeremy Smith, Practice Leader of Willisa™ London Cyber Team, observed: aCompanies that hold substantial volumes of personal, identifiable data are irresistible to web-based pirates.a

In response, Smith said that cyber liability insurance, which has existed for about 10 years, is evolving to reflect the current environment, helping companies to transfer the risks and costs of data loss and cyber piracy.

aWillis is working closely with the insurance industry to stress test existing policiesa™ ability to address the nature of cyber crime and develop exclusive wordings thatassist in thetransferof these risks. Recent breakthroughs include the introduction of identity theft solutions and Payment Card Industry fines coverage, which helps to protect companies from penalties linked to the mismanagement of credit card data.a

Willis Group Holdings plc is a leading global insurance broker. Through its subsidiaries, Willis develops and delivers professional insurance, reinsurance, risk management, financial and human resource consulting and actuarial services to corporations, public entities and institutions around the world. Willis has more than 400 offices in nearly 120 countries, with a global team of approximately 17,000 employees serving clients in virtually every part of the world. Additional information on Willis may be found at [ www.willis.com ].