As consumers and businesses embrace technology they are revolutionising the way they communicate. They are becoming more reliant on computers and social media and the insurance industry is using more data sources. We need to ensure that data protection and ownership are given greater consideration.
SMEs might believe that because they are small, they will not be a target for hackers, however that may make them even more of a target.
They often have less cyber security in place than large organisations making them easier to attack. SMEs are also often part
of a supply chain with larger firms and so present a back-door into bigger organisations with more sophisticated cyber security in place.
BIBA is an active member of the Cabinet Office’s Cyber Insurance Industry Forum. More businesses than ever before are being attacked, hacked or having sensitive data lost or stolen.
The Government’s Cyber Essentials scheme aims to provide a platform of cyber-hygiene that firms can build upon, reducing their risk of attack.
The Cyber Security Information Sharing Partnership (CiSP) will help alert businesses to the latest threats and confidentially share information relating to attacks.
Ransomware and cyber security
The May 2017 outbreak of a ‘ransomware’ type of computer virus called WannaCry, affected users in many countries around the world including firms such as FedEx and many NHS trusts. It is believed to have led to 57,000 infections in 99 countries.
Ransomware is a type of malicious software that locks and encrypts a user’s files until a random is paid. Cyber security experts strongly advise against paying a ransom as there is no guarantee that the files will be decrypted and the user is often placed on a list of people who pays ransoms – making them more of a target in future.
WannaCry exploits a vulnerability in Microsoft, which released a software patch to fix it in March. However, many users fail to install updates and patches on their computers meaning vulnerabilities can remain open a lot longer and make it easier to exploit.
Up to 80% of cyber-attacks can be prevented by undertaking Cyber Essentials – the Government-backed cyber security certification scheme that sets out a good baseline of cyber security suitable for all organisations in all sectors. BIBA strongly recommends that members and their clients undertake cyber essentials to help reduce the risk of succumbing to an attack: https://www.cyberaware.gov.uk/cyberessentials/
If you or any of your clients have been affected, the National Cyber Security Centre has advice on steps to take: https://www.ncsc.gov.uk/guidance/protecting-your-organisation-ransomware
You can take steps to protect against attack. Follow the tips from CFC underwriting.