10 Tips to Avoid Cyber Crime
- Change all default passwords on your personal and work devices
- Regularly check for updates to the operating systems of my laptop, computer and mobile phone
- Install strong anti-virus software and keep it updated
- Think twice before clicking an unknown link or attachment in an email
- Never authorise payments over the telephone to minimise risk of fraud
- Do not share sensitive information on social media that could be used against you in phishing attacks
- Back up your entire system at least once a week on an external hard drive or cloud, preferably both
- Encrypt my mobile phone and all of my other devices with strong passwords
- Talk to your children and parents about how to stay safe online
- Be prepared just in case the worst happens, purchase a Cyber Insurance policy to save the day.
10 Tips Why you Need Cyber Security Insurance in 2019
TIP 1- Data, one of the most important assets to a business or individual, is not covered by a standard business insurance policy.
A typical business would agree that data and information is of paramount importance in terms of running of the company. Its value could be considered monumental, surpassing the value of the IT equipment that is used in the storing of data. Businesses need to be educated to know that their standard business insurance policy would not cover the loss of data or the consequences following a cyber attack. This is where a cyber policy becomes vital, as it provides comprehensive cover for the restoring and rectifying of data following a cyber attack.
TIP 2 -Standard business interruption insurance does not cover systems which are critical to the functioning of your daily business, during their downtime.
Every business, no matter how large or small, relies heavily on systems to perform their core tasks. This may vary from things such as point of sale software to electronic reservation systems. In the event of a computer hack, which are becoming increasingly more common, or a malicious employee damaging these systems, your standard business interruption policy would not respond. Cyber insurance will provide cover for loss of profit due to a system failure which comes about as a result of a ‘non-physical’ peril. An example would be a virus or denial of service attack.
TIP 3 – Cyber crime has become the most common global crime, however most standard business insurances will not cover losses following an attack.
Every day a new type or variation of cyber crime emerges into our society. This mixed in with the increasing amount of data stored on the internet means that businesses are now a target for criminals. Traditional insurance policies will not cover certain crimes such as hacking via the telephone, the theft of identity and phishing scams. Cyber insurance can provide comprehensive crime cover for a wide range of electronic perils that are increasingly threatening the financial resources of today’s businesses.
TIP 4 – You or your business could be held liable if any third party data is lost or destroyed.
Businesses hold more data than ever before and often this data belongs to customers and suppliers. Non-disclosure agreements and commercial contracts often contain warranties and indemnities in relation to the security of data that can trigger costly damage claims in the event that the business experiences a breach. Increasingly, consumers are also seeking legal redress in the event that businesses lose data. This risk is further heightened in the event that a business holds data on US consumers.
TIP 5 – The loss of credit card data can result in severe penalties for retailers.
Globally, credit card crime is estimated to be worth over $7.5bn and increasingly risk is being transferred to the business that loses data. Under merchant service agreements, affected retailers can be held liable for forensic investigation costs, payment card re-issuance costs and the actual fraud conducted on stolen cards. Losses often run into hundreds of thousands of pounds for even a small business. Cyber Crime insurance can protect you and your business against these costs.
TIP 6 – Complying with breach notification laws costs time and money.
Breach notification laws are slowly being activated across many countries. These laws generally require businesses that lose sensitive personal data to provide written notification to the individuals that are affected. Currently legal obligations only exist in a few countries, however this is changing and there is a growing trend towards transparency which protects brand and reputation. The general pubic expect openness and transparency from the company they entrusted with their data. Cyber Crime Insurance policies offer cover for costs associated with providing a breach notice even when not legally required.
TIP 7 – How your business is publicly represented is important, so it makes sense to insure it.
Businesses are built on reputation. New technology threats, such as cyber attacks, that may affect a business’s reputation cannot traditionally be insured. Cyber Liability Insurance can now respond to these risks. It is not just financial loss that can occur because of a system failure or breach, a business may also lose the trust of your loyal customers. A Cyber Liability policy can help cover the costs of hiring a PR firm to help restore your reputation and customer trust. Also covered is the loss of sales and revenue caused by clients transferring to competitors.
TIP 8 – Social media is now massive exposing businesses.
Social media is the fastest growing platform across the globe. Users exchange views and information at rapid speeds exposing their information to the world. It is often difficult to control what is posted online and how it may be perceived which increases liability for businesses that are responsible for their employee’s actions. Cyber Insurance can provide cover for leaked information, slanderous statements or copyright issues that occur on social media sites.
TIP 9 – The risk of data loss and theft is increasing because of more portable devices.
The popularity of portable devices has meant that important and confidential data can be easily lost or stolen. An Employee leaving a laptop a train, an iPad stolen in a restaurant, or a USB stick going missing are common exposures to a business. These particular devices are being targeted by criminals with a growing number of viruses being built just for them. Cyber Insurance can cover the costs associated with a data breach should a portable device be lost, stolen or fall victim to a virus.
TIP 10 – Small businesses are at risk of a hacker attacks as much as large corporations.
Over a third of global targeted attacks are aimed at small businesses. Cyber attacks are quickly becoming a concerning risk from small business, making cyber liability insurance an essential consideration. It will protect smaller companies against the potentially devastating financial effects of a privacy breach or loss of data.
Click here for a Free Cyber Insurance Quotation
GDPR & Cyber Insurance Go Hand in Hand
Everyone has heard about GDPR and you have probably spent time making sure your business is GDPR compliant, you’ll no doubt understand that compliance is an ongoing process. To help you make sure that you don’t fall into any hidden pitfalls when it comes to compliance, we’ve put together a list of different ways you might breach the new data protection rules. With that in mind, here are some potential GDPR breaches to be mindful of now and in the future:
Sending Insecure emails
GDPR is all about protecting personal data and email is perhaps one of the most common ways of sending personal data. If you’re using an email hosting service (ie you send emails from an address like firstname.lastname@example.org) then you will want to set up a secure email, to reduce the risk of a data breach. This is because unfortunately most standard email hosting services aren’t encrypted by default, making them vulnerable to being breached. That means if a third-party is able to intercept your emails, they’ll be able to access the body text of the email, along with any attachments. You can avoid this happening by you setting up secure email hosting.
Sending an email to a mistaken account
You might think that this is an obvious one, but you’d be surprised by how often it happens and how significant a data breach it can lead to. Double checking who you’re sending something to is a good start, however it’s not full proof. If you need to send an email containing sensitive and personal data, it would be a good idea to send the document as password protected. The recipient can get the password from you using a different more secure communication channel. This means that if the document containing your data falls into the wrong hands, they still won’t be able to access it.
Using file sharing services without passwords
Services such as Dropbox is a great way to quickly share large files. But if you’re using it to share personal data, then you have to ensure that data is secure. It’s tempting to think that creating a shared file that can only be accessed by people who have the right link is secure enough, but if that link falls into the wrong hands, you’ll be responsible for a data breach. For this reason, you may want to password protect all personal data when sending it via a file sharing service, and then delete the data from the file sharing service as soon as you can.
Using Insecure online productivity services to store personal data
Online productivity services are a great place to build documents as they are free. But they’re also potential data breaches waiting to happen. If you’re storing personal data on a service like Google Docs or Google Sheets, then it’s not enough to have those documents set to “anyone with link can edit” and of course they should never be set to public.
Instead, you should strongly consider specifying exactly who can access these documents (this tends to be done by email address), as well as password protecting and encrypting them.
Kept Personal data isn’t password protected at all times
We have already mentioned that you should password protected personal data when sending it to someone else, but make sure you password protect and encrypt this data even if you plan on keeping it yourself. If you leave a device containing personal data in a public place and it’s not password protected and encrypted, that’s a data
breach.Remember to make sure all personal data is secure wherever it’s stored and whatever you intend to do with it.
Although password protecting personal data is vital, that on its own is not enough. If your password is too easy, then you’re still running the risk of a data breach.
So make sure your passwords are:
- Long and complex – include a mix of letters, numbers, and special characters
- Unique – never be tempted to use the same password more than once
- Kept private – If you do need to share a password, for example if someone need to access a Dropbox file, then make sure it is a unique password and never use it again. Never share logins and passwords for accounts or applications that contain personal data – this is insecure and may even make it harder to pinpoint the cause of a breach should one occur.A common complaint here is that it’s hard to remember several long and complex passwords. To counter this, you can always use a password management system such as Last Pass.
Cyber liability Insurance
If your business deals with personal data, it is of paramount importance that you have a cyber liability insurance policy put in place to safeguard your business if there is breach through a hacking for example. The above points are very important to consider however it won’t always be enough. Most hackers are professionals and can get through all the precautions that you put in place, what do you do then? It is always worth having a cyber liability policy to make sure you are prepared if the worst does unfortunately occur.
Click here for a Free Cyber Insurance Quotation
Cyber Insurance Claims Have Soared
The majority of these losses were underinsured.
Types of risks include:
- Unauthorised access and impersonation fraud
- Employee negligence
- Cyber criminals holding companies to ransom by hacking sensitive data online and threatening to reveal it
Click here for a Free Cyber Insurance Quotation