Your Essential Checklist to Protect Against Cyber Crime
£34bn a year
That's the cost to British businesses each year from cyber crime (Source: Telegraph).
And it's not just the cost to fix the problem that businesses need to worry about. If your company data has been breached then you also have to worry about
- business disruption while the issue is resolved
- alerting customers and potentially offering compensation if their details have been used to commit fraud
- the impact on your company's reputation
- the loss of company data or intellectual property
And yet, despite these risks, many business owners fail to protect their company against cyber crime. SMEs are often easy targets for hackers because they underestimate the basic requirements or think that their business won't be at risk.
However, every single industry in the UK is a potential target for online criminals. Hackers steal customer data and intellectual property, as well as trying to access important financial information. They look for easy targets and have software which can seek out unprotected internet connections, or send phishing emails into company inboxes. And the technology used by the hackers is becoming more advanced.
That's why it's more important than ever to ensure your business is protected.
1. My business doesn't have anything of value or relevance for cyber criminals.
Every business in the UK is a potential target for cyber criminals.
2. I installed antivirus software a few years ago, so I'm covered.
Your software will need to be regularly updated to protect against the latest threats. However virus protection and firewalls will not ensure the complete protection and security of your data.
3. Hackers only target huge companies or government organisations, so I don't have to worry about cyber security
Cyber criminals select easy targets first. Having a security system in place will deter hackers and reassure your customers that you care about protecting their data.
4. I can't afford a data security system
The cost of something going wrong will be so much more. Is it really worth the risk?
5. Cyber Insurance is not necessary, since I've already taken the necessary precautions
Hackers are constantly evolving their methods to get round the latest security systems. Having cyber insurance is an extra layer of protection in case something should go wrong.
Our Cyber Security Checklist
This list is not exhaustive, however it will help you to ensure you have covered most eventualities to protect your business
- Anti malware / antivirus software
- Firewall protection
- Install regular system updates
- Use secure Wi-Fi for business operations
- Restrict access to secure data
- Regularly backup your data
- Use strong passwords and change these regularly
- Use secure log-ins and delete unused accounts
- Implement company security policy and train staff to comply
- Limit access to removable media such as external hard drives / USBs
- Create a disaster recovery plan
- Ensure you have adequate cyber insurance protection
On 25th May 2018 the General Data Protection Regulation (GDPR) will come into force. This is an EU initiative aimed at making companies accountable for protecting customer data. Of course, the UK will be leaving the EU in the near future, but will likely implement similar controls. Companies should therefore review all of their cyber security policies in preparation for this, and ensure they have cyber insurance in place, to protect against the worst case scenario.
What If My Business is Attacked?
According to recent studies, there was a 38% increase in information security incidents in 2016 compared with the previous year and, surprisingly, almost three-quarters of SMEs suffered some sort of security breach in that year. The estimated cost of each breach, on average, was between £75,000 and £310,800 (Source: PWC).
So, what should you do if your business is targeted by online criminals? It is vital that you have cyber insurance in place, not only to support your business to improve its cyber resilience, but also to help you recover, should the worst happen. Having adequate insurance will give your customers peace of mind that their information is protected.
Cyber Insurance from the Insurance Knight Consultancy
This is a relatively new area of insurance and new policies are coming onto the market all the time. Cyber insurance policies can either be offered as standalone, or can also be included with other policies such as Professional Indemnity insurance.
It is important to select a broker that has specialised knowledge of (and access to) cyber insurance policies in the market. Your insurance provider should also have an understanding of the requirements of businesses, especially in the SME arena, to ensure that the cyber insurance policy meets the needs of your business.
At The Insurance Knight Consultancy we offer various levels of cover for Cyber Liability:
- Cyber Business Interruption Loss
Provides cover when there is an IT failure or when a cyber-attack interrupts business operations, for loss of income during the period of interruption.
- Privacy Breach Costs
Covers costs arising from dealing with a security breach i.e. notifying customers of a cyber breach, IT forensic costs etc.
Covers against claims of infringement of privacy and associated legal costs in the event of a breach. This is especially relevant for businesses that handle or store any personal information from their customers.
- Cyber Extortion
This protects businesses from ransomware and other malicious attempts to seize control of and withhold access to operation or personal data until a fee is paid.
- Digital Asset Replacement Expenses / Hacker Damage
Protects against damage inflicted by a hacker on digital assets i.e. the loss, corruption or alteration of data as well as misuse of computer programmes and systems.
- Media Liability
Provides cover in the event that a company's digital presence leads to a party bringing a claim for libel, slander, defamation or the infringement of intellectual property rights.
- Cyber Forensic Support
Provides support from cyber specialists if a breach does occur.
To find out more about cyber insurance with the Insurance Knight Consultancy, or to get a quote, contact us today - http://www.theinsuranceknight.co.uk/ContactUs/tabid/544/Default.aspx
Telegraph (http://www.telegraph.co.uk/finance/newsbysector/industry/defence/11663761/ Cyber-attacks-cost-British-industry-34bn-a-year.html)
PWC Global State of Information Security Survey 2016 (http://www.pwc.com/gsiss)
PWC Information Security Breaches Survey 2015 (http://www.pwc.co.uk/services/audit-assurance/insights/2015-information-security-breaches-survey.html)