Insights
Achieving digital transformation safely
Technology is a business necessity, and its role has been fundamental to grow industry by scaling trade and commerce. Using technology in businesses has provided a more efficient and convenient way to improve performance. Reliance on technology, however, represents a risk due to its increasing vulnerability to cyber-attacks.
The main cyber risks involve privacy risk, security risk, operational risk, and service risk. The emergence of ransomware and other malware increased over 435% in 2020, creating an additional challenge for medium and large businesses across multiple industries.
What are common cybercrimes?
While there are numerous methods of cyber-attacks targeting businesses, there are a few common cybercrimes to be aware of:
Phishing
Phishing is a method that uses social engineering to target people within a business, by disguising emails as a trustworthy entity to lure people into clicking links, downloading attachments, or revealing classified information such as login credentials and credit card numbers. 83% of businesses have identified phishing attacks in the last 12 months.
User Impersonation
This attack is a type of fraud when cybercriminals pose as a trusted contact to manipulate employees into transferring money or sensitive information from a company.
Malware
It is malicious software that infects computer systems to disrupt, damage, or exploit software vulnerabilities and gain unauthorised access to an organisation’s systems. There are several intrusive malware variants, including trojan, viruses, spyware, ransomware, worms, and adware.
Ransomware
Ransomware is malware that employs encryption to hold a victim’s information at ransom. A user or organisation’s critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access.
Regardless of your level of protection, technology needs people to operate it and even some of the most tech-savvy individuals can fall victim to security threats, with human error causing 95% of incidents reported.
How to protect your business
Adopting a proactive approach to protect your business is possible by implementing strong email security, multi-factor authentication, next generation firewalls, antivirus, patch management, and application control to diminish cyber risks and ensure operational continuity.
Covering all your bases to protect your business can also be achieved by acquiring cyber insurance.
Cyber insurance limits the financial damage caused by a successful attempt to access your business data. Cyber liability policies can provide support such as data recovery, business interruption cover, and first-party and third-party financial and reputational costs, which can help your business get back on its feet in the event of a cyberattack.
In addition to the cover outlined above one of the most valuable benefits a cyber policy offers is access to experts in the event of a breach or attack which can include:
• Forensic investigators to identify what has happened and what, if any, data has been lost and if it can be retrieved
• Legal assistance for the process of notifying the relevant authorities and any people affected by the breach
• Assistance in the restoration of damaged systems and data
All these services can be accessed 24/7 and the costs are included as part of the policy cover.
If your company uses technology as an intrinsic part of your business – then a cyber policy is as essential as your property damage, business interruption, employer’s liability, and public liability insurance.
It would be a mistake to think preventative controls alone were sufficient protection for your business. You would still insure the contents of a warehouse even with locked doors, fire suppression and CCTV in place so why ignore cyber risk?