View all news

CNA Provides Five Steps To Strengthen Cyber Risk Management Strategy


CHICAGO, June 5, 2015 /PRNewswire/ -- Regardless of a company's size or industry, adequate controls are needed to minimize the risks to sensitive data exposure. CNA today released Everyone Is a Potential Target for a Cyber Attack: 5 Critical Steps to Protecting Sensitive Data, a blog post by CNA's David Hallstrom, director of Information Risk Insurance.

"For every cyber security breach reported in the news, there are scores of incidents that are not covered in the media," Hallstrom said. "Cyber crime is a problem that is not confined to technology and large companies and there are actions every company can take to manage this risk."

In the blog, Hallstrom identifies five key steps for businesses to strengthen their cyber risk management strategy:

STEP 1: Perform a risk assessment to identify system vulnerabilities, and understand how your data is managed and secured.
STEP 2: Educate your team by implementing a sound communication and training strategy for everyone who is accountable for managing cyber risks.
STEP 3: Know your vendors and make sure you implement reasonable measures to ensure they have the capacity to protect your sensitive information.
STEP 4: Address portable devices and ensure they are encrypted in the event they are lost or stolen.
STEP 5: Make sure you have proper insurance coverage to address potential security breaches.

"Developing an effective plan to identify possible exposures and measures to minimize risk is vital to the success of any business. The potential consequences of a single data breach can range from sizable monetary penalties, negative publicity, interruption of daily operations and loss of public trust," Hallstrom added.

CNA entered the cyber liability insurance market in 2001 and is now the sixth largest writer of cyber security insurance worldwide. Whether it's protecting a company from phishing, becoming exposed to malware or protecting against identity theft, CNA Risk Control professionals have the tools, services and solutions needed to address today's cyber-related challenges. CNA is one of the first carriers to offer the expertise of insurance professionals who have received the Certified Information Privacy Technologist (CIPT) credential from the International Association of Privacy Professionals (IAPP).

Additional information on resources to manage and reduce cyber risk can be found on

Serving businesses and professionals since 1897, CNA is the country's eighth largest commercial insurance writer and the 13th largest property and casualty company.  CNA's insurance products include standard commercial lines, specialty lines, surety, marine and other property and casualty coverages. CNA's services include risk management, information services, underwriting, risk control and claims administration.   Please remember that only the relevant insurance policy can provide the actual terms, coverages, amounts, conditions and exclusions for an insured. All products and services may not be available in all states and may be subject to change without notice. For more information, please visit CNA at "CNA" is a service mark registered by CNA Financial Corporation with the United States Patent and Trademark Office. Certain CNA Financial Corporation subsidiaries use the "CNA" service mark in connection with insurance underwriting and claims activities.

Follow CNA (NYSE: CNA) on: Facebook | Twitter | LinkedIn

Brandon Davis, 312-822-5167
Sarah Pang, 312-822-6394

To view the original version on PR Newswire, visit:


Multimedia Files:

View all news