As our reliance on technology, the internet, and all things digital continues to grow, so does cyber risk. For businesses of all sizes and even government bodies, falling prey to cyber attacks is one of the key areas of concern every day. Evidently, every business with an online presence or electronic data records is potentially at risk. Cyber incidents can put a business in a financial crisis as well as threaten your intellectual property, put your customers’ confidential information in jeopardy, and cause significant damage to your brand. Let’s take a look at the common types of cyber threats and what you can do to protect your business.
1. Malicious Software (Malware)
Malware is the generic term encompassing viruses, spyware, trojans and worms. The aim is to gain access to private information such as credit card details and passwords. Malware can also spy on a user’s computer and take control of its functionalities. Malware can happen to anyone and at any time. Malware attacks don’t require advanced skills and can be “performed” anywhere in the world.
2. Scam Emails (Phishing)
Chances are you’ve probably already come across scam emails before as they are typically sent to thousands of people. Scammers have become increasingly good at mimicking language, branding, and logos to appear real. Unfortunately, phishing scams aren’t only limited to emails – they are now also prevalent through SMS, Instant Messaging, and across social media platforms. Be cautious of requests for money (urgent or overdue bills), suspicious attachments, or “click here to win” links and requests to check or confirm login details.
First off – Never pay a ransom! You are not guaranteed to regain access plus you could be susceptible to another attack (and be even more out of pocket!). Similar to phishing, ransomware attacks are typically carried out via a malicious but legitimate-looking email link or attachment. When the link is clicked on or the document downloaded, ransomware will encrypt a user’s files then demand a ransom to restore access – typically payable using cryptocurrency like Bitcoin. Ransomware creators prey on businesses of varying sizes but due to small businesses often being less security conscious, are less likely to implement cyber security measures.
So what can you do to minimise your risks?
1. Regular updates
Make sure that you’re turning on automatic updates. Updates are newer versions of software you’re utilising. They tend to run faster and more efficiently but even more important, they’ll tend to have higher security levels which in turn reduces your risks of cyber attacks
2. Automatic backups
A backup is a digital copy of your business’s most important documents. If your information is lost, stolen or destroyed; at least you’ll have a back up which means you’ll be back into business quicker and easier. You could also opt for an external drive and keeping it somewhere safe offsite if you prefer.
3. Multi-factor authentication
A security measure that requires two or more proofs of identity to grant you access – think of it as a double layer of security. It’s usually a combination of a pin and a physical possession. It could be a password, security question and a code sent to your mobile phone for example. More sophisticated and high value data could be protected by fingerprint and retina screening. While a hacker could get a hold of your PIN, it is unlikely that they’ll be able to obtain and use other proofs of identity.
While taking the above precautions will reduce your risks of cyber attacks, what happens if all fail? This is where having insurance is crucial!
As covered previously, with the rise of cyber attacks, data breaches are becoming the norm, and having adequate coverage to protect your business from risk is paramount. So what can cyber insurance cover?
Cyber insurance can help cover financial losses to your business (do take note of your excess limits), your customers, and other 3rd parties following a cyber security breach.
This might cover costs associated with:
- Loss of revenue due to interrupted business
- Hiring negotiators and potentially paying ransom in extreme cases
- Recovering or replacing your records or data
- Liability and loss of third party data
- Defense of legal claims
- Investigation by a government regulator
- Copyright infringement
- Misuse of intellectual property online
- Crisis management and monitoring
- Prevention of further attacks
Insurance policies vary and with a myriad of options out there, it is best to seek professional advice. Contact AIS today to receive assistance on what insurance cover will suit your needs.