By now we are all aware of the Black Friday attack on retailerTarget stores which cost credit unions and community banks over$200 million, not including Target's costs or its customers'expenses. While Target may be the poster child of the epidemic ofcybercrime, it is not the lone victim (In fact, Target's databreach, which affected 70 million customers, is not even thelargest retail data breach to date).

According to PricewaterhouseCoopers' 2014 Global EconomicCrime Survey, one in four respondents reported havingexperienced a cybercrime, 11% of which suffered financial losses ofmore than $1 million. Moreover, a recent report from the Center forStrategic and International Security states cybercrime cost theglobal economy $400 billion in 2013—$100 billion in the UnitedStates. 

It is no surprise then that 85% of corporate executives surveyedby AIG in 2013 identified cyber risks as their biggest concern toprofitability. However, less than a third of companies hold cyberliability insurance policies. Is your industry atrisk? 

PricewaterhouseCoopers' U.S. Cybercrime: Rising Risks,Reduced Readiness report includes results from the 2014 U.S.State of CybercrimeSurvey. The survey's results are the combinedefforts of cyber-security leaders from PricewaterhouseCoopers,CSOmagazine, the CERT Division of the Software EngineeringInstitute atCarnegie Mellon University, the United States SecretService, 500 executives of U.S. businesses, law enforcementservices and government agencies. 

The survey reveals the following significant incidents in 2013to the banking and finance, healthcare, and insuranceindustries: 

Banking & Finance

No incidents – 20%

Identify theft – 20%

Customer records compromised or stolen – 23%

Financial losses – 23%

Denial of service attacks – 29%

Financial fraud – 36%

Healthcare

Theft of electronic medical data – 15%

Customer records compromised or stolen – 19%

Financial losses – 19%

Email or other applications unavailable – 22%

Private or sensitive data unintentionally exposed – 22%

No incidents – 30%

Insurance

Confidential records (trade secrets or IP) compromised or stolen– 19%

Customer records compromised or stolen – 19%

Financial fraud – 19%

Unauthorized access/use of data, systems, networks –19%

Financial losses – 29%

No incidents – 38%

Finally, the survey found that the average number of securityincidents detected in 2013 was 135 per organization. This does notaccount for incidents that go undetected. Last year 3,000 companieswere unaware of cyber intrusions until notified by theFBI. 

The warning is clear: any company processing the personalinformation of another is a target for cybercrime regardless of itssize or industry. However, like retail, the banking and finance,healthcare, and insurance industries are especially rich targetsbecause they obtain a wealth of personal information about theircustomers. Therefore, companies wanting to protect their money andtheir credit need to have a data breach response plan in placebefore it becomes necessary. As they say, "the bestoffense is a good defense."