Why Does My Community Association Need Cyber Insurance?

By: Tiffanie Thompson, SentryWest Insurance

​The manta in the cyber world is:  It’s not a question of IF an association will suffer some kind of data breach- but WHEN.
Cyber criminals are not looking for a huge payout – they want an easy target.  Community Associations have two things they want: 1) personal homeowner information and 2) money.  Associations are even more attractive because most lack security measures that larger corporations utilize.
Consider a few different possibilities:

• The treasurer of an association receives an email that appears to be from a vendor requesting funds be transferred for work performed. The treasurer transfers the funds as requested. Later it is discovered a thief was impersonating the vendor and the funds were transferred to the thief’s account.
• A board member or manager loses their laptop, which contains association bank account numbers and passwords.
• A cyber-thief hacks obtains access to an association’s records and obtains personal information about homeowners.
• Online payment options
• Have a website or utilize social media

All of these are real life situations and can result in thousands of dollars stolen or identities compromised. The financial loss of cyber theft doesn’t just stop there.  The additional expenses for forensics, the expense to remedy the issue, notifying homeowners affected and possibly compensating those individuals, any State data protection penalties, and any potential defense costs.  All of these add up to be thousands of dollars. 
Cyber insurance coverage helps the association recover from the financial loss as well, as well as credit monitoring, notification, computer forensics, attorney’s fees, regulatory fines, but it can also include crisis management and public relations.
Don’t fall into the common misconception that someone else is handling it, like the management company.  What recourse will the association have if the management company sends a fake contractor $10,000?  Does the management company have cyber coverage and will it protect the association?
Board members all have the same question, “Is it worth paying for cyber insurance, when we can use those funds to update something else in the community”.  The answer is, absolutely!  Its is important to have good practices, securities and coverages in place that will protect the association and board members from cyber criminals.