Author: Allen Simpson, Director at R K Henshall and Co Ltd
Advances in technology over the last few years mean that nearly every business relies on the internet and digital technology to help them go about their day to day business.
For the majority of your members this will have no doubt had a major effect on the way that they engage with your organisation and in the majority of cases this will have made life much easier. However there is a growing risk to us all and it is becoming more and more prevalent… Cyber Attacks!!
A 2015 government survey revealed that an estimated 90 per cent of large organisations and 74 per cent of SMEs had suffered a cyber attack within the past year. The average cost of an attack varied widely—from £115,000 to £1.46 million—depending on the size of the organisation and the nature of the attack.
Despite the frequency of cyber attacks and the damage they can inflict, more than one-fifth of SMEs – including membership organisations – do not believe that they are a target for cyber criminals. However, those SMEs are seriously mistaken—while SMEs generally possess far more data than the average person, they often do not have any considerable preventative measures in place to protect themselves against cyber threats, and, thus, are particularly attractive targets to cyber thieves.
Cyber Crime is now the Most Common Criminal Offence.
Cyber crime—which includes the theft of personal information, online harassment or bullying, and disruption of trade—was recognised as the United Kingdom’s most common criminal offence by the Office for National Statistics. Within the last year alone, there were nearly 8 million cases of cyber crime—costing the UK economy more than an estimated £16 billion.
Between May and August of this year, an estimated 2.5 million computers were hacked. As a result, cyber criminals were able to gain access to home addresses, credit card numbers, bank account details and other personal information. There have been many high profile cyber security breaches and prosecutions including the Crown Prosecution Service!
Crown Prosecution Service fined £200,000 for failing to secure recorded police interviews
The Crown Prosecution Service was fined £200,000 after laptops containing videos of police interviews pertaining to 31 investigations dealing with violent or sexual crimes were stolen from a private film studio. A Manchester-based film company had possession of the laptops in order to edit the videos to be used in forthcoming criminal proceedings. In its investigation, the ICO found that the company had insufficient building security and failed to encrypt the information that was on the two laptops. While the police were able to recover the two laptops and none of the information had been tampered with, the ICO ruled that the Crown Prosecution Service was negligent in ensuring the safety of the information contained on the two laptops.
Cyber Security Best Practice
It is recommended treating the threat as very serious and to act accordingly. To protect an organisation from cyber crime the following three pieces of advice are offered:
- Install security software: Security software provides you with multiple layers of defence:
- Firewalls control who and what can communicate with your computer online—allowing communications that it knows are safe and blocking those that could be potentially hazardous.
- Antivirus software monitors all online activities—including email and Web browsing—and protects your computer from viruses, worms, Trojan horses and other types of malicious programs. Included in some antivirus software programs is antispyware, which can protect from spyware and potentially unwanted programs, such as adware.
- Choose a strong password: Create a password that is at least eight characters long and is a mix of lower and upper case letters, numbers and symbols. Avoid using things like birthdays or other important dates, the name of loved ones or pets as well as other personal details such as your favourite sports team. Additionally, you should choose a new password every 90 days.
- Encrypt your hard drive: Encryption translates your data into a code that only you (and anyone you choose to share it with) would be able to understand.
Cyber Liability Insurance
The recent high profile cyber attacks have highlighted the fact that even the most sophisticated firewalls can be breached. Luckily the insurance industry has been working hard to provide a comprehensive and innovative insurance product to protect organisations in the event of a Cyber attack.
Cyber liability Insurance provides your membership organisation with protection against financial loss resulting from the loss of personal and / or corporate data. Cover can range from the financial losses of the insured or a third party as a result of the loss of personal or corporate data.
Examples could include:
- Losing a USB stick that contains personal data
- Leaving a laptop on the train
- An employee sending an e-mail to the wrong person
- Loss of client or customer confidential or sensitive information.
- Losing a hard copy of sensitive data (The cover extends to loss of data in hard copy format too!)
The core policy cover includes: data liability (loss of personal and corporate information, outsourcing and network security); administrative obligations (data administration innovation and fines); and reputation and responses costs (pro-active forensic services, repair of the individuals and company’s reputation, notification to data subjects, monitoring and electronic data).
Optional policy provides further peace of mind by covering for multimedia liability, network interruption as well as cyber and privacy extortion.
Want to learn more? Contact Allen: [email protected]
R K Henshall and Co Ltd is an Independent Insurance Intermediary and is part of the Brokerbility Group of Insurance Brokers. The Brokerbility Group writes over £ 600 m of Premium in the UK Insurance Market and uses it’s influence to develop cutting edge and innovative insurance products with the UK’s leading insurers. R K Henshall and Co Ltd has developed a cutting edge Cyber Liability Insurance Product with a number of enhancements that is available at a competitive premium.