Cyber attacks pose a real threat to all businesses. No matter how robust the security measures in place are, the risks associated with humans can never be totally eliminated. Over 40 per cent of businesses reported a cyber-security breach or attack within the last 12 months. When such breaches occur, businesses can suffer a variety of problems. For example, businesses may need to spend huge sums on recovering from an cyber attack and implementing new cyber-security measures. In addition, workers may be unable to carry out their normal duties, resulting in a reduction in both productivity and income.
There is a variety of risk mitigation measures that can be implemented to reduce the risks of a cyber attack, as well as limit the economic impact. However, it is important for businesses to consider what the actual costs of a cyber attack could be to their business.
A Security Gap That Lead To A Cyber Attack
Construction Materials Online Ltd was fined £55,000 after the company failed to protect its customers’ personal information. In its investigation, the ICO found that the company did not have adequate cyber protection to prevent an attack. This security gap was exploited by a cyber criminal to access 669 unencrypted cardholder details. This included names, addresses, account numbers and security codes.
Cyber Insurance Policies
Cyber risks are ever evolving and it is literally impossible to mitigate all risks. Comprehensive cyber insurance policies can include a dependent Business Interruption extension. This provides you with cover if, for example, your IT provider (or anyone providing you with contracted services) were to be hacked. This could result ina negative financial, legal &/or PR impact on your business. Your business may not be the subject of a targeted cyber attack, however outsourced services providers are at far greater risk of such an attack.
When assessing your need for cover, it may be worth asking your outsourced service providers whether they have Cyber Essentials accreditation and/or comprehensive Cyber Insurance cover. Their answers will provide you with an insight into how robust their own systems may be and the resources (both financial and expertise) that may be available to them in the event of a cyber attack.
Scammers Are Sophisticated
Unfortunately, cyber criminals tend to always be one step ahead of the game. Employee cyber training is paramount in managing and mitigating risk. However, scammers are increasingly sophisticated. For instance, they send messages designed to dupe us into taking actions before we fully think them through. This is evident from some large organisations that have been affected by cyber attacks. Even highly sophisticated security infrastructures cannot eliminate the risks associated with just one single employee making a mistake. None of us can be fully protected. No matter how secure or well managed our systems are, at least not whilst we employ humans!
It is important to note that Covid-19 has resulted in a significant increase in cyber risks. Most breaches take 100 days or more to be discovered. Therefore, we could be seeing the effects of the coronavirus for months and years after our everyday lives get back to normal.
– Viruses are often undetected for 100+ days
– Humans are the key area of weakness
Cyber attacks are a global issue. Some hackers may specially target companies, however most hackers cast their nets wide in the hope of preying on human weakness.
If you would like to protect your business and have experts on hand to assist in the event of a cyber attack: