Getting your Business Cyber Aware
Jonathan Cox is a Chartered Insurance Broker based in our Exeter Office at Peninsula Park. Working as an Account Director, Jonathan manages the insurance portfolios of many businesses in the South West. In this article Jonathan shares his expertise on how cyber crime and data breaches are becoming a common threat for businesses in Devon.
“One of the first known computer virus to spread ‘in the wild’ was named ‘Elk Cloner’. Written in 1982, by a 15 year old student as a practical joke, the virus was written to target the operating systems of the Apple II Systems, the leading computers at the time. Once an infected disk was inserted into a machine, a copy of Elk Cloner was placed in memory and would subsequently copy itself onto an uninfected disk. With this clever method of transportation, the virus was able to easily spread from machine to machine. Although seemingly harmless at the time, it soon paved the way for more sinister versions to follow in its footsteps.
Since then, millions of viruses, malware, Trojans and spyware (to name a few types) have appeared worldwide making the headlines. A recent example is the ‘Wannacry’ ransomware attack which targeted computers in countries across the world. Many organisations in the UK were affected, however the impact the attack had on the NHS made headline news. A total of 47 NHS organisations were affected, resulting in the cancellation of routine procedures and appointments.”
Smaller firms can be bigger targets
“It is a common misconception that only large businesses and organisations are targeted, however in a recent survey, nearly half of the global attacks logged were against companies with fewer than 250 employees, with the average breach costing an estimated £3,480.
No matter the size of your business, you are required under the Data Protection Act to keep the personal data of your customers safe and secure. With the General Data Protection Regulations coming in to play in May 2018, it is vital that you take the necessary steps to prevent a cyber breach, failure to have processes in place can result in you being subject to the new and very hefty fines (and even proscecution) from the Information Commissioners Office (ICO).”
Reducing the risk to your business
- Ensure your software is up to date and that you have the latest anti-virus software installed as updates are released frequently to help combat the most recent cyber threats.
- Staff training is essential. Educate your employees on how to recognise suspicious emails and browse the internet safely. Cyber awareness should be included in part of your induction process and revisited in regular refresher sessions.
- Ensure you have an incident response plan in place which you can call upon in the event of a breach or interruption. This should include technical measures that enable the recovery of systems, operations and data, and a communication strategy if necessary.
- If you are looking for additional advice and guidance on prevention, we would recommend the Cyber Essentials website, a government-backed cyber security certification scheme that sets out a good baseline of security suitable for all organisations across all sectors.
If it happens… who is there to help?
“As a business it would be wise to have a designated employee responsible for data and IT security. Unfortunatley, even with the tightest security and processes, breaches can still occur, therefore we would advise that you consider investing in cyber insurance. Whilst this is not a replacement for robust IT security, data protection and a response plan, it can act as a safety net. A comprehensive policy helps protect your organisation from the moment a cyber or data breach occurs, providing you with access to dedicated experts who can work alongside you providing legal support, data recovery, assistance with your communication strategy and an IT forensics assessment recommending preventative measures to avoid a further attack.”
If you would like any independent insurance advice on the matter or would like to arrange a review of your insurance, please get in touch with our Exeter office on 01392 880000.
This article was previously published in Grow Magazine; Issue 02, November 2017.