Cyber attack – Are You Too Complacent?

Reports of large scale cyber attacks are prevalent and regularly make mainstream news, such as the attack on the Marriott Hotel group in September 2018, compromising the personal data of up to 500 million guests, or the data breach at British Airways in August 2018, in which hackers infiltrated around 380,000 transactions, giving them access to customers’ personal and financial details.

The reality for small businesses is that it’s not just large scale attacks which are on the increase. Cyber crime is growing at a phenomenal rate, with attacks becoming increasingly commonplace and affecting more small businesses than ever before.

According to a survey by the Federation of Small Businesses, the UK’s 5.4 million small businesses are collectively attacked more than seven million times a year. In the years 2014 and 2015, this cost the UK economy over £5.26 billion.

With these facts as a backdrop and plenty of evidence to show that businesses are being targeted every day, it’s surprising to find that some business people still believe they are safe from attack. They could not be more wrong. Passwords and usernames can easily be stolen and systems breached or hacked. Employees can easily download a virus or malware into the entire business network, simply by clicking on an email attachment.

In the case of an optician, an employee clicked a link giving details of an alleged speeding offence, inadvertently triggering an email from Russia, advising that Cryptolocker had infected all their business systems and demanding a Bitcoin ransom to receive a decryption key.

The resulting downtime, business interruption and potential loss of data is bad enough, but what about the threat of reputational damage? The Small Business Reputation and Cyber Risk Report, launched in February 2016 by the Government’s Cyber Streetwise campaign and KPMG, revealed that 83% of consumers surveyed expressed concern about which businesses had access to their data and whether it was safe, and over half said that a cyber breach would discourage them from using a business in the future.

There is also the matter of recovery after an attack. The same report revealed that one in four companies surveyed who had experienced a breach had been unable to grow in line with previous expectations and nearly a third took over six months to get back on track. Fortunately, the aforementioned optician had taken out business interruption insurance, which covered the cost of not being able to trade for a few days and getting the business back up to speed over the following weeks.

Given the prevalence and widespread nature of cyber crime, Mathews Comfort believes all businesses should now be looking at cyber insurance on the same level of importance as motor or employers’ liability insurance. In the current climate, it’s not simply a good idea, but a necessity, particularly as traditional insurance policies may not respond to losses involving IT.

By utilising the latest security information and assessing your company’s exposure to cyber attack, we can tailor a cyber policy to meet your specific requirements. This can include such covers as cyber terrorism and extortion, loss of revenue, costs of containing a breach and public relations expenses to limit reputation impact. It can also include multimedia liability, intellectual property infringement, expenses to notify victims and third party & employee privacy liability for damages and claims.

In an uncertain world, cyber insurance helps to provide a level of certainty, giving you the peace of mind that your business is protected against malicious attack and the ensuing fall out. Our advice is don’t be complacent and don't wait till you’re under attack. Talk to us today about putting protection in place. Call 01865 20800 or email info@mathewscomfort.com today.