For the past decade, cyber threats have become a growing concern for individuals and businesses. In 2017, over 179,000,000 records and 14,200,000 credit cards were exposed. This represented a 27.5% increase in data breaches, signifying an increasing trend that doesn’t seem to be slowing down. (According to the Identity Theft Resource Center.)
The Entertainment and Amusement Industry appear to be transitioning slower than other industry segments in addressing their risks associated with cyber threats. POS systems, cloud computing, PCI compliance and a business model that revolves around getting people in the doors create significant risk. Oftentimes, regional or family-owned facilities don’t have the internal resources to appropriately combat the more sophisticated threats targeting their business when compared to their publicly traded peers. Without full time, on-staff network security and IT professionals, these organizations face significant risk on their balance sheet in an environment that is rapidly changing. Attackers are becoming more sophisticated in combating security and firewalls. Many of these attackers are investing heavily in tools that allow them to deploy ransomware in the cloud, and are developing artificial intelligence technology to broaden their abilities to exploit individuals through spear phishing schemes, plus malware deployment that stays ahead of “sandboxes” and security programs meant to deter hackers.
Few owners and operators have conducted a financial cost impact in the event a major breach occurred. Data available through Beazley Risk Management states that for every file breached, there is a conservative cost of $250-$300 per file cost (per affected individual). These fees include credit monitoring for breached individuals, notification expense and computer forensics required to investigate the full impact of the breach. With 100,000 annual visitors, the financial impact could well exceed seven figures.
What should business owners be thinking about to mitigate this exposure?
- Development of a vulnerability management program.
- Ensure disaster response plan is up to date.
- Review contractual language to ensure any outsourced services for network security address who assumes liability.
- Become PCI compliant (Payment Card Industry).
- Purchase cyber liability insurance coverage.
The easiest and most cost-effective way to ensure a breach doesn’t financially cripple your organization is to purchase cyber liability insurance. This product is very reasonably priced and allows you to transfer most of this risk to an insurance company. For more information on how to manage risk for your park, please reach out to:
Author – Jordan Stair
Amusement Practice Team Lead,
The Partners Group
jstair@tpgrp.com