It’s commonly cited as the number one concern and cause of business interruption across the commercial spectrum.
Cyber crime is a real and developing issue for many companies, with a range of threats which can involve the hacking of your company’s IT systems to access personal information or to corrupt data, often followed by a demand for payment to reverse the problem.
However new forms of hacking threats, particularly those dubbed ‘Chief Executive’ fraud, are increasingly common. Sophisticated and new types of cover are available to protect your business.
Development of the traditional cyber threats
Cyber criminals have growing routes of access to company data through mobiles, tablets and, increasingly, through what is known as the Internet of Things. There are significant risks from within your organisation, not least from your employees who are often unwitting stooges for cyber criminals and are also susceptible to human error.
Risks and mitigation
Should such a data breach occur, the specific risks to a business are many: reputational damage and the ensuing loss of customers; potential loss of intellectual property; fines from the Information Commissioner; business interruption which could see contracts left incomplete; loss of invoicing systems which could harm your cashflow.
Mitigating the risks before a cyber attack is best practice and it is essential to ensure that network defences are regularly audited and validated, with regular vulnerability testing.
Demand and the need for cyber and data breach insurance is now becoming a key requirement and we strongly recommend all clients review their exposures and insurance arrangements.
‘Chief Executive’ fraud
As we mentioned earlier there are many new forms of this sort of crime. It essentially involves a staff member being duped by a request for payments, seemingly made by a senior director or manager. Increasingly sophisticated back stories lend apparent credibility to the fraudster’s attempts to steal money.
We have partnered with a market leading insurer which covers these threats, and we have plenty of experience that shows even savvy businesses, with appropriate controls in place, can fall foul of such activity. We’ve seen examples of hackers monitoring social media activity to compile seemingly genuine messages using apparently genuine email domains. The tactic is exploitation of the normal human response to try and impress the boss by acting quickly when asked. It has been a highly effective way of eliciting money.
Traditional insurances don’t cover such losses but, as the threats develop, the market is catching up. The more forward thinking insurers are now offering policies to match these threats and independent brokers like Venture Insurance are well placed to help businesses find such cover.
Changing reality of crimes against business
All these new threats, combined with the likelihood that they will grow in sophistication, make us firm advocates of specialist cyber cover as one of the most essential forms of business insurance.
Some simple in-house procedures such as payment checks or requirements for double signatories can help. But just as our national security forces are attempting to keep one step ahead of the increasingly high-tech online threat, so businesses and their insurers must keep developing strategies to tackle changing cyber crime.