At home or at work, the dangers of cyber attack are very real. But what can you do about it? Read on ...
IT scams are becoming increasingly sophisticated
Your nightmare may be just a click away - a denial of service attack downs your network, or your computer is hacked and infected with malware - a virus, worm, trojan, bot, or even ransomware! Then there’s spyware, cyber stalking, cyber grooming through bogus chat rooms, identity theft and a plethora of other online scams that encourage handing over of financial details, passwords and the like.
It happened to me – my Facebook identity was stolen and chats initiated with my Facebook friends to encourage participation in a scam. I didn’t even know about it until a friend complained about my ‘out of character’ behaviour!
The brave new world of cyber crime
PricewaterhouseCooper’s Global State of Information Security Survey 2015 suggests the total number of cybersecurity incidents detected in 2014 was 42.8 million - a 48% increase from 2013. And more problematic - an estimated 71% of incidents went undetected. The Association for Financial Professionals Report 2015 noted one in 3 companies had been the target of cyber attacks over the past 18 months. In 2013, cyber attacks affected 5 million Australians at an estimated cost of $1.06 billion.
Cyber resilience - prevention is better than cure
Cyber resilience is the ability to prepare for, respond to and recover from a cyber attack. It involves identifying your essential information and critical business assets and assessing your cyber vulnerabilities then implementing and upgrading IT protection measures, monitoring processes and procedures to mitigate cyber attack risks, and developing response and recovery plans.
Cyber Resilience = Prevention + Cyber Insurance
Consider your client database has been hacked - malware has been installed to steal vital contact details which are then forwarded to a third party. The reputation damage to you and your business is enormous, and if your database has been stolen or destroyed, it will take months and thousands of dollars to recompile it. Or it might be a simple incidence such as your laptop is stolen – with business critical information or confidential client or patient information.
What is Cyber Insurance?
Cyber insurance includes a range of policies tailored to specific cyber risks including:
- data or privacy breaches – covering the costs of managing an incident, client notification, public relations, forensic investigation and remediation, court costs and regulatory fines (the maximum fine for an individual inadvertently releasing private information despite being hacked is $340,000 and for a corporation is $1.7M)
- media breaches – eg. covering third-party damages for defacement of a website, blog site and intellectual property infringements.
- extortion - covering losses resulting from IT extortion typically as a result of ransomware
- network security breaches – covering third-party damages as a result of a network cyber attack eg. a disruption of service attack or theft of data
- business interruption – covering losses while your business is ‘out of business’ due to a denial of service attack or cyber attack that hijacks, steals or destroys your business critical databases and other intellectual property.
Traditional business insurance policies versus cyber-insurance
Companies typically maintain a suite of insurance policies including:
- public and products liability insurance
- professional indemnity insurance (where professional services are provided)
- commercial crime insurance
- directors’ and officers’ liability insurance (D&O insurance)
- property damage and business interruption insurance.
While some of these policies may, between them, cover losses or liabilities arising from a cyber-breach, some significant losses or liabilities are likely to fall through the gaps.
They won’t target me – will they?
Most cyber criminals have loose networks within which they collaborate and cooperate with one another. Unlike the real world, these criminals do not fight one another for supremacy or control. Instead they work together to improve their skills and even help one other with new opportunities. By and large their targeting is indiscriminate with results driven by the sheer magnitude of their databases.
Symantec reports that SME businesses are now the key target for hackers; and the most commonly targeted victims are knowledge workers (27 percent) given their access to intellectual property - and sales (24 percent). Although not yet on many people's radar, Cyber Insurance is particularly important if you store sensitive or non-public information about clients on your computer, server or in your paper files.
Can I afford Cyber Insurance?
Really this question should be “Can I afford not to take our cyber insurance?” So what next?
Your best approach is to talk to us …we have the time to listen and the expertise to provide you with advice about a about a policy that will match your specific business requirements.
You care about your business … we care about protecting it and your peace of mind.
Cyber Insurance … it’s more than just a policy
Our service and advice is just the beginning …