Category Archives: Business Contingency Planning

Information Security Insurance

Information security insurance is designed to protect an individual or business against the risk of possible loss due to information security incidents. Similar to other forms of insurance the policy holder pays a monthly/annual premium to the policy issuer for the agreed to insurance plan.

Why might you need information security insurance?

The more your business relies on information systems to operate the more at risk you are if a catastrophic incident affects critical systems.To help manage risk to more acceptable levels information security controls are implemented to protect against various threats. Information security audits are another risk reducing measure a company can take to help validate the effectiveness of their information security controls and document any weaknesses for prioritization and correction. Many companies choose to self insure and pay any information security incident expenses out of pocket vs. pursuing direct insurance although the number of companies obtaining insurance is increasing at a dramatic rate. If you are under the impression that your traditional insurance policies will cover you for technology related risks now is a good time to validate that assumption. Lastly, if you are involved with a start-up it is sometimes a requirement for VC providers that information protection insurance be active to protect their future investment in your company.

Examples of events that can be insured with information security insurance

  • Unauthorized system or network access
  • Theft of sensitive intellectual property
  • Fraudulent ebusiness or online banking activity
  • Lack of availability of systems
  • Disaster Recovery
  • Technology errors and omissions

What are typical costs from an information security incident?

  • Cost of investigating source of incident and scope of systems breached – Expert investigators are very expensive so expect to pay mid to upper 5 figures or even into the 6 figures to investigate and clean up a security incident
  • Cost of loss business – Business that is lost especially if it is not recoverable could amount to significant costs.
  • Cost of lost employee productivity – If your employees can not do their job you still have to meet payroll and other financial obligations
  • Cost of breach disclosure notifications and customer protection measures – If sensitive customer or employee data is lost while under your care you are likely financially obligated to notify and offer credit protection measures to minimize their risk of identity theft.
  • Worst case scenario is inability to recover from an incident leading to failure of the company

Final tips on information security insurance

If you desire information security insurance your first stop should be to try add the coverage via your existing insurer. If they do not offer the service or the cost is too high you should shop around to get the coverage you are looking for. It should be noted that the information security insurance industry is very immature and there is a lack of standardized offerings. When comparing different insurance options be sure to get everything in writing and validate that you are comparing equal coverages when assessing different companies.

Google Page Rank Changes – Can your online business survive drastic changes?

Google Ranking Changes - Can your business survive?

Google Ranking Changes - Can your business survive?

Business contingency planning is essential to ensure your business can survive events that are both within and outside your control. For online businesses one key event to consider contingency planning for is the following scenario. What would happen if your Google ranking fell dramatically overnight? Established online businesses with loyal customers would likely be fine but any online business overly reliant on organic Google traffic could be devastated. Think it can not happen? Think again. Leading web traffic ranking company Alexa served notice that broad Google algorithm changes caused drastic swings in traffic by as much as 80% for certain websites. If you visit Google support forums you can validate this phenomenon as frantic site administrators desperately seek answers to what happened and advice on how they can restore their previous rankings to save their business.

What can you learn from other online businesses that have experienced drastic Google page rank changes?

1. Validate that your site is not infected with malware

Many online businesses that experience drastic ranking declines have been infected by malware and are penalized as a result. The best method to validate if this is your problem is to utilize the Google Webmaster Tools suite and perform a malware diagnostics test. If no malware is detected you have likely run afoul of Google for a different reason.

2. Do not expect restitution from Google

A quick scan of the Google support forums quickly confirms that Google regularly tweaks algorithms that will result in changing site rankings that they usually maintain is being done to improve search results for their customers. Most often times that will be the case but that will not make you feel any better if you feel your site has been unfairly removed from the coveted first page of google search rankings. A Google representative will likely advise you to review the overall usefulness and uniqueness of your site content effectively deflecting the question of the appropriateness of the ranking change.

3. Results of algorithm changes are unpredictable

Ranking changes are unannounced and could occur at any time. Site owners that regularly monitor their traffic with analytics software rapidly detected  drastic changes but many of us might not be as quick to notice. Would you notice a drastic traffic drop?

What can you do to protect your business to withstand drastic Google rank changes?

1. Diversify your income streams

If you are like many of the frantic site owners in the Google help forum and fail to diversify your business income stream you are at the mercy of Google. Heed this warning and take steps to reach out to your customers directly. Build relationships, build mailing lists, use RSS and take other steps to mitigate the damage drastic search rank changes can have on your business.

2. Build a relationship with a Google support rep

Google support reps are people too so try to befriend one and make them part of your network. Relationships make the world go round so get on friendly terms with someone who might have your back should things go against you for the wrong reasons. If you do not have a personal contact I recommend being polite, factual and taking the conversation offline of forums to increase your chances of getting a satisfactory outcome.

3. Budget for down cycles so your business will survive

Individuals are advised to have a 6-12 month cash slush fund in case of hardship and businesses are no different. If you are reliant on this months income for survival any setback could be a permanent one.

This post should not be interpreted as anti Google because that is not my intent. It is only meant to remind you that uncontrollable events happen and that these events can have a material effect on your online business. You must be ready to anticipate and respond to these challenges when they arise and take the needed steps to keep your business healthy despite the obstacles you may encounter.