background image
25
Connecticut CPA
g
January/February 2018
as biometrics, or requiring an em-
ployee to send/add additional infor-
mation from an independent device.
5. Cybersecurity insurance
You can manage a significant
amount of the first-party and third-
party exposures by transferring risk.
Beyond the insurance itself, lead-
ing agents, brokers, and carriers
provide risk management and loss
control recommendations for imple-
mentation.
Additionally, you likely have third-
party liability coverage for errors
and omissions, including lawsuits
for compromising private informa-
tion. A dedicated cybersecurity
insurance policy will also provide
third-party liability and first-party
expense coverage to the firm.
Given the potential for overlap be-
tween the two insurance policies,
and the breadth of the cybersecuri-
ty insurance in particular, you might
consider working with your agent or
broker to schedule the cybersecu-
rity policy as the primary insurance
with the errors and omissions policy
as additional excess coverage. This
will ensure proper coordination of
coverage and maintain the errors
and omissions policy for general
malpractice exposures.
Conclusion
Overall, phishing is a significant expo-
sure that accounting firms will continue
to face. Be proactive about the mea-
sures your firm takes this tax season.
Ken Goldstein is a former global
cyber security product manager at
legacy Chubb and current visiting
instructor of business law and in-
surance at the University of Hart-
ford's Barney School of Business.
He can be reached at kgoldstei@
hartford.edu.