While the bottom-line costs of a security breach may be high, William J. Montanez, director of risk management for Ace Hardware Corporation, says his company is more concerned about the type of loss that is difficult to measure in dollars.
“The reputational risk of misusing data is our biggest concern,” he says. “The Ace Hardware name is our most valued asset.”
Ace Hardware has an in-house insurance agency through which its network of independent retailers can purchase cyber liability coverage. At the corporate level, Ace purchases a cyber-liability policy from the specialty market.
Montanez says that staff training on the company's network-security policy, adoption of best practices put forth by IT, and software controls are all pieces of the risk management puzzle. What has changed most recently, he adds, is a heightened awareness that Ace business partners need to share the same philosophy around security strategy.
“We work continually to clarify our contractual relationships with retailers and vendors, particularly if they're handling sensitive data, payroll data or banking data,” says Montanez. “They need to clearly understand and assume their responsibilities and liability [for data security].”
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
