Home Page Home Page Newsletter Contact Us Get A Quote Business Insurance Home Insurance Auto Insurance Health Insurance Life Insurance

As a host of insurance executives and specialists gather in San Francisco this week to discuss the growing and complex problem of cyber security, my thoughts turned to China -- reputedly a major source of cyber attacks both on private businesses in the U.S. and on U.S government data caches. I do not mean to suggest that China is the sole or even the principal originator of cyber attacks in this country. It is not. However the recent state visit to the U.S. of Chinese President Xi Jinping, at which cyber activity was a major point of discussion, and the imposition last month by the SEC of a fine on a St. Louis investment advisory firm for failing to have adequate cyber protective measures in place when it was the victim of a cyber attack originating in China, led me to consider the unmistakable nexus between cyber security and China.  

The Global Connection. At a joint press conference in Washington D.C., on September 25, 2015, President Obama and President Xi announced a "common understanding" that the United States and China would not knowingly support cyber theft of corporate secrets or business information. Details were not announced and a few days later at a hearing before the Senate Armed Services Committee, James Clapper, Director of National Intelligence, indicated that he was skeptical that the agreement would be an effective restraint on cyber attacks from China. He noted that the agreement did not contain enforcement mechanisms or penalties, but that the U.S. retained the right to impose economic sanctions if appropriate. President Xi's visit to the U.S. followed closely on the disclosure that Chinese sources were responsible for the theft of personal data on 21 million individuals from data bases maintained by the U.S. Office of Personnel Management. 

Many experts believe that given the current state of technology and the increasingly broad range of potential targets, it would be very difficult effectively to prevent cyber attacks. While cyber defenses can and should be improved, progress in the short term will depend on a genuine willingness of Chinese and U.S, authorities to restrain both governmental and private actors from engaging in attacks. There is some reason to hope that as China develops a more expansive and sophisticated reliance on cyber systems, it will have stronger incentives to cooperate with global protections for cyber data. In a similar fashion, whereas China was a major source of patent, copyright, trademark and intellectual property misappropriation some decades ago when its economy was beginning to expand, in recent years it has recognized that its more innovative and developed economy now has much to lose from such activities.

A Local Connection. The problem of cyber attacks from China is not just a global matter, and cannot be viewed as an abstraction. The R.T. Jones case is a reminder of how "global" issues can strike home. R.T. Jones Capital Equities Management Inc., is a St. Louis based investment advisory firm of modest size with approximately $481 million of assets under management. It was informed on July 22, 2013, that data bases containing client information that it maintained through a third-party web server had been attacked. It was determined that personal information on approximately 100,000 customers was potentially at risk. It notified federal authorities on July 26, 2013. After the attack, the company appears to have done all the right things. It hired cyber experts to determine the source and scope of the attack and to assess the information placed at risk. It notified customers and offered free identity theft monitoring through a third-party provider. As an investment advisory firm, R.T. Jones is subject to regulation by the Securities Exchange Commission (SEC). The SEC conducted an investigation of the cyber theft, and on September 22, 2015, the SEC announced that it was fining R.T. Jones $75,000 for failing to establish procedures for cyber security prior to the breach as required by federal securities laws. The SEC announcement of the penalty stated that: "To date, the firm had not received any indications of a client suffering financial harm as a result of the cyber attack."

The bottom line is: While it is to be hoped that international agreements and efforts to curb cyber attacks will be successful in the future, at present U.S. businesses that maintain personal information on customers, clients or the general public, should take reasonable steps to protect that information from increasingly aggressive and sophisticated cyber attacks. Moreover, individuals whose personal information is typically at risk in a host of data bases, should be aware of the attendant risks and at minimum should be prepared to react when informed that his or her information has been breached. (On the same date that the SEC announced its fine of R.T. Jones, it published a new investor alert, "Identity Theft, Data Breaches, and Your Investment Accounts," which suggests steps that can be taken by investors regarding their investment accounts in case of identity theft or data breach. The alert can be found on line at investor.gov).

For all of your insurance needs: home, auto, fire, health, life, business and commercial, please contact Pfeifer Insurance Brokers for prompt, knowledgable and friendly service. 

Alex Pfeifer
Pfeifer Insurance Brokers
650 762-8087

Share |

No Comments

Post a Comment
Required (Not Displayed)

All comments are moderated and stripped of HTML.
Submission Validation
Change the CAPTCHA codeSpeak the CAPTCHA code
Enter the Validation Code from above.
NOTICE: This blog and website are made available by the publisher for educational and informational purposes only. It is not be used as a substitute for competent insurance, legal, or tax advice from a licensed professional in your state. By using this blog site you understand that there is no broker client relationship between you and the blog and website publisher.
Blog Archive
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014

View Mobile Version
Pfeifer Insurance Brokers   |   533 Airport Blvd, 4th Floor   |   Burlingame, CA 94010   |   Phone: 650-762-8087   |   Fax: 650-897-5998
Powered by Insurance Website Builder
Home Page About Us Our Services Location Get A Quote Contact Us