Worried about cyberattacks on your business? One of the effective measures is insurance
17. February 2021
Until a few years ago, it was unimaginable that cyberattacks would one day be a daily reality. Today, companies around the world are exposed to them, regardless of their size or line of business. However, the targets of attackers do not include only large companies, hospitals or public institutions. Increasingly, these are also small and medium-sized companies and entrepreneurs whose weak protection makes them an “easy target” for attackers.
The tactics used by attackers are different, and sometimes it is practically impossible even for experienced users of modern technology to identify that they have become the target of an attack.
Most likely, you also have someone in your area who has already experienced an attack through a computer or mobile phone.
More technologies, more risk
With the development and expansion of modern technologies, more frequent use of the Internet, the constantly growing number of mobile devices and the overall dependence on IT solutions, the risk of cyber threats increases. The result is most often the leakage of sensitive data for the protection of which the company is responsible to its clients, partners or employees (third party loss), as well as damage that concerns the company itself due to the fact that it has become the target of blackmailing (“ransomware”) or that there has been, for example, an interruption of operations due to a cyberattack (first party loss). All of this is an everyday threat to the operation of all companies, because computers and data control the vast majority of activities today.
Do you use working from home? Your vulnerability has probably increased
Until recently, working from home was a sought-after employee benefit. Today, due to the still raging global pandemic, most companies use it as one of the few alternatives to utilise their “knowledge employees”, who can work efficiently from outside their primary workplace. However, few of us have such IT security in our home “office” as in the company. And attackers are aware of that. Even here the weakest link is not necessarily the technology. Phishing emails misuse the fact that people are not vigilant enough to protect their access data and passwords, and often inadvertently divulge them if the email looks trustworthy enough.
Protection against these attacks and their consequences can take many forms. For the company, this is a virtually never-ending effort, because attackers are constantly coming up with new ways and their activities can directly threaten the company’s business continuity.
The solution is a combination of measures
Insurers’ statistics from recent years confirm that the biggest risk and most common cause of damage in CYBER insurance is employees (negligence or wilful misconduct accounts for 33% of damage), followed by hacker attacks (29% of damage) and, finally, stolen or lost mobile phones, laptops, etc. (14% of damage).
The most effective are solutions that combine several measures: adequate security of corporate IT systems, constant education among employees, who according to surveys are the most common target of cyber attackers, as well as high-quality cyber risk insurance (CYBER insurance).
Interest in such insurance has been growing worldwide and the view of it has also been changing in this country, where companies have so far tended to underestimate these risks. However, after a series of attacks that Czech companies have faced in recent months, it is clear that this is a problem that really affects everyone.
CYBER insurance is useful for every company, but for some it is almost a necessity today. Particularly endangered are companies that:
- process large databases containing client, personal or employee data, including names, addresses, bank account details, etc.;
- actively use their websites or social networks for their business;
- accept card payments or use electronic payments;
- store their data in the cloud or through cloud services;
- are crucially dependent on online IT solutions in production or trade.
What can be insured through cyber risk insurance?
CYBER insurance provides insurance protection for the following cases:
- leakage (loss, theft) of personal data, data and information from the company’s information system or computer, whether accidental or negligent;
- targeted attack on IT systems from outside or even inside the company in order to gain access to data and cause damage;
- blackmailing of the company, including the associated costs, especially in data and system recovery;
- costs of regulatory proceedings, including costs of GDPR penalties as a result of a cyber incident;
- interruption of the insured company’s operation (outage of systems) and related lost profits.
The amount of insurance depends on a number of factors. What is important is the line of business, as well as, of course, the volume of data and information that the company interested in insurance works with. The method of data protection in the company, the scope of service outsourcing and, last but not least, the required coverage and limits of insurance benefits play a crucial role. Our specialists have experience with setting up insurance programmes for companies of all sizes. They will assess the specific risks that your company faces in order to adjust the scope of insurance accordingly.
Even if you do business abroad (or are about to do so), we are able to provide you with the most advantageous insurance conditions that are currently available on the market, thanks to our international know-how and contacts with the world’s leading insurers.
Michal Pilecky
Cyber Risk Insurance Specialist, RENOMIA