“Put your hand up if your company has a cyber policy?” Two attendees from forty raised their hands. This was Mike Smith’s opening line in a seminar held Tuesday 10th Ocober at the Finance Centre on cyber and data loss insurance, organised by local and international insurance brokers, Sovereign Insurance Services. Mike is a cyber insurance specialist working in the Lloyds insurance market in London and gave a fascinating talk on what potential losses can arise from the ever growing cyber crime industry.
Mike gave example after example of real life issues impacting small SME’s to global enterprises. “In a conversation with my underwriter last week, he asked me what I thought the biggest cause of cyber claims was. I answered confidently “data loss or theft”. What with the non-stop headlines showing companies losing personal and credit card data, I thought this was obvious. However, much to my surprise the correct answer was ‘ransomware’. This contributed to 37% of Hiscox’ cyber insurance payouts last year” continued Mike. Ransomware is software that a hacker gets into your computer network with the sole purpose of holding you to ransom. The ransom sum might only be a few hundred pounds. Indeed, it is often cheaper to pay the ransom than sort out the mess. Many companies pay it.
The audience included representatives from local insurance, cyber, legal, medical, financial and estate agency firms, keen to understand the relatively new phenomenon of cyber crime and how it creates a new style of risk to any business, hence potential loss.
Sovereign Insurance Services were showcasing their new knowledge and product range to assist local companies to cover these potential losses with insurance.
“The hack could come from any part of the world, by organised crime, by a kid just experimenting to see how far he can get into your systems for a bit of fun , or from a disgruntled ex-employee, happy to send a trojan horse into your company which effectively dismantles and renders useless fifty laptops.” Mike warned.
He also mentioned how the new Data Protection rules, coming into effect in May, escalate the obligations of any company holding third party data. Fines of up to 4% of global turnover can be levied by the country’s regulator if there has been a data breach.
So what was the advice? Mike suggested the following. Firstly, to educate your staff as 28% of data breaches are from human error, for example lost USB drive, weak passwords, emails to the wrong address, and insecure recycling of paperwork. Secondly, prevention is better than the cure. Hackers are continuously evolving and becoming more sophisticated and probe for what works best. Regularly install software updates and patches for example. Change passwords often, lock away USB sticks and audit on your computer systems by paying for penetration testing. Finally, don’t be an ostrich. Take on this risk with eyes wide open. Yesterday’s theft was cars and TV’s. Today it’s data.
The seminar was chaired by Mike Nicholls, and wrapped up by Geoff Trew, chairman of Sovereign Insurance who explained how their office was ready to feed the need of the local business community as it seeks to manage its cyber exposures.
For more information on Cyber Insurance with Sovereign, click here.