American Church Group - Colorado

Does Your Ministry Need Cyber Insurance?

Hackers Think Ministries are Vulnerable 

Written by Ryan Sutherland, American Church Group of Colorado 

In Genesis 25-27 we find a story about a family with Hollywood-level drama and deception. If you are not familiar with the reference, Jacob (the slightly younger twin brother of Esau) takes advantage of a moment of weakness and coerces Esau to give up his most personal and precious piece of data—his birthright! 

But Jacob’s treachery does not stop there. He then impersonates Esau—even putting on hairy goat sleeves and gloves to mimic his brother’s hairy features—to convince their father of his false identity. The deceived Isaac gives away the blessing that belonged to Esau who is then left with nothing but anger and frustration at his brother’s theft. 

Interestingly, events like this story are happening daily to ministries, through cyber-crime! At least on the surface in a worldly sense, the story of Esau and Jacob ought to teach us to watch out for those who seek to take advantage of and steal from us. And these perpetrators and thieves may even disguise themselves as family members to deceive! 

Churches are increasingly becoming targets for cyber criminals. The most common attack is by sending “phishing” emails where the perpetrator poses as someone familiar to the ministry staff (like a senior pastor, deacon, elder, or someone trustworthy) and requests some sort of response. The bait is typically a sob story about how the pastor forgot to bring his wallet on a trip and needs a wire transfer. It is often uncanny how these attackers know and strike precisely when the pastor is traveling or out of the country. 

Sometimes attacks are much more difficult to detect. Of note, we have noticed increases in situations where a ministry is about to electronically transfer funds to a vendor and before the transfer happens, they receive an email from the vendor stating that the account number they previously gave was the wrong one, or they have switched accounts. We have seen ministries wire tens of thousands of dollars directly into the account of a fraudulent individual. Once the money is gone, it is too late.  

Churches often store vast amounts of important sensitive information that savvy hackers can use to steal identities or sell on the dark web. Ministries typically do not have regular protocols for purging data that is no longer needed. These personal data “breaches” are often expensive and humiliating to deal with because of the requirements to notify affected individuals that their data has been compromised. 

Cyber liability insurance has become an essential part of doing business in the twenty-first century. Many leaders, however, do not believe they are large enough or have a big enough digital footprint to fall victim to such attacks. Or they think that information breached in the cloud is not their responsibility. 

Legally you are responsible to safeguard your client’s personal information–regardless of where you store it. If cloud-based management systems get breached and your member’s data is compromised, then you are responsible to notify them and do whatever is necessary to restore their identities—costing the ministry thousands of dollars and sometimes hundreds of hours. Few ministries are equipped to even manage this type of situation themselves and require help from an outside agency to respond for them. 

What would you do if this happened to you? Being prepared is one of the most important ways that ministries can protect against cyber-crime. Do you have a response plan in place when your ministry is attacked? Do you know who you will call? Do you have insurance coverage in place to help? 

While Brotherhood Mutual cannot prevent cyber-crimes from happening, we can be a much-needed support in times of trouble. Many of our cyber coverages are tailer-made for the kinds of losses that churches experience including coercion, theft by electronic means and virus hacking to name a few. Since these are not automatically included in policies, speak to your agent about making sure you have the ones you need. 

Be sure to reach out to our service team if you have any questions regarding your options when it comes to filing a claim. We are here for you, and we have your back! You can reach them by phone at 877-794-2330 or by email at clientsupport@americanchurchgroup.com. 

Ryan Sutherland – Account Executive   

Ryan Sutherland serves as an Account Executive for the American Church Group of Colorado. Together, their team serves and insures around 3,000 ministries across six states. 

_{© 2022 American Church Group of Colorado, LLC. All rights reserved.?The information in this article is intended to help your ministry better understand issues of vulnerability and mitigate risks.? It does not constitute legal advice between an attorney and a client. If specific legal advice is required, your ministry is encouraged to consult with a local attorney.?Neither Brotherhood Mutual Insurance Company, American Church of Colorado, LLC, nor?the author assumes liability for reliance upon the information provided in this?article.}