Cyber insurance is important in the digital age.
The internet is ubiquitous these days. So much of our social lives, business operations, commerce, and other interactions happens on the world wide web. It follows that for most people and organisations, keeping yourself safe against cybercrime is just as important as protecting your physical assets. However, it is often overlooked and downplayed.
Cyber insurance is protection against loss due to the various types of cyberattacks. There are many things that a business can lose online which are important, including intangible assets like intellectual property rights or data. Our world is increasingly modern and connected over the internet. Any company, organisation, or individual that is not taking measures to protect their online activities is putting themselves at risk.
Who is at risk?
A rundown of all of the cybersecurity risks that exist would take much more than a single blog post. These are some real examples of how cyber threats can cause harm.
- Cyber Extortion – CERT recently reported that companies in the financial sector had received extortion emails threatening denial-of-service attacks. Common to businesses, these attacks restrict or impair legitimate use of a network or system. Often this is done by “flooding” the system with traffic.
- Social Engineering – There have also been reports of social engineering attacks taking advantage of the fear surrounding COVID-19. Social engineering refers to any attempt to get people to give up sensitive information via emails and other forms of direct messaging. It’s psychology mixed with cybercrime, and preys on people’s trust. Messages asking for donations or offering information should you click a link should not be trusted unless they can be solidly verified as coming from an official source. Social engineering can also take the form of cyber criminals obtaining information and then sending fake invoices with their own bank details, stealing revenue from companies.
- Malware – Link clicking, as mentioned above, can allow the download of malware. This is malicious software that can make its way into a computer or system via an errant click or an infected drive.
- Data breaches – These are of major concern to companies and organisations which store the data of their customers, clients, or patients. In 2019, the Ministry of Health reported unauthorised intrusion to the digital information systems of Tū Ora Compass Health. An attack like this can cause huge mistrust and have very real consequences for both an organisation and the people it serves.
Take a look at few other examples of businesses who could be vulnerable to cyber attacks:
- Car rental services. These are open to cyber attacks due to their reliance on apps, online booking systems, and other online communications.
- Restaurants or cafes. Hospitality establishments like these are highly dependent on Eftpos machines, making them vulnerable.
- Dairy industry and farmers can be targeted via the logistics software they use. They may also have data in cloud storage.
- Brick-and-mortar retail stores depend on the internet for their digital transactions.
- Online stores could fall prey to a denial-of-service attack, theft of customers’ details, and other cyber threats. Operating entirely online makes them extremely vulnerable. as an issue with the website would take down all of their sales.
The above are just a few examples of the ways that cybercrime can affect your company. Cybercriminals are creative, and there are always new things to look out for—that’s why it’s important to train staff in safe practices, use relevant software tools to protect your systems, and consult with cybersecurity experts if possible. It’s also important to insure against cyberattacks.
Many business owners consider cyber insurance to be excessive, but the internet is a weak point (as well as an extremely useful tool) for just about anyone in the digital age.
How cyber insurance covers your business
One of the biggest worries regarding cybersecurity is data breaches. Companies and organisations are responsible for the safe storage of client or customer data. This could mean credit card numbers, medical records, passport information, IRD numbers, and other personal details. Whether that’s stored on the cloud or on your own servers, it is vulnerable to attack through hacking, malware, and carelessness with login information.
A new Privacy Bill that is expected to become law in November 2020 will hold businesses to closer account for privacy breaches, meaning that robust cybersecurity measures and insurance will be even more necessary. The changes to the law will make it mandatory to report breaches to both the people affected and the Office of the Privacy Commissioner. Foreign laws can also affect Kiwi businesses—such as the California Consumer Privacy Act which became effective in January 2020. It applies to anyone storing data of Californian residents, domestic or foreign. It says that Californians must have complete access to and control over any data stored, and also imposes heavy penalties for data breaches and noncompliance.
Cyber insurance protects against:
- Liabilities that arise from data protection laws, management of personal data, and consequences of losing information.
- Financial loss related to other cybercrime. This can include loss of business income, forensic costs for investigations into the event, costs to restore a damaged network or replicate data.
- Public relations costs to minimise the fallout.
Cyber policies differ—it’s important to ensure that you have one that covers what you want it to.
Cyber insurance for businesses is a specialised field and one that can be difficult to grasp entirely for a busy business owner. Using an Insurance Broker like Runacres Insurance with experience in the field can save time in the short term and prevent major losses down the road.
Get a quote or call the Runacres team to discuss the cyber insurance which would best suit your business. As experienced Kiwi insurance professionals and members of the NZbrokers group, we can advise you on the best options for the best outcomes.