Technology is great for business, but it has also opened up the possibility of all types of cyber-crime. These are new risks that we haven’t faced before from an area where most of us are not experts.
Discussions with our clients have revealed concerns about this issue but many are unsure what they should do about it. Many of us think our data wouldn’t be valuable to hackers but recent cyber extortion cases have shown that’s a false assumption. In many cases the hacker is not interested in our data, they are targeting the value of that data to us – either by encrypting it or threatening to release it and then demanding payment.
Traditional insurance policies provide no protection to businesses for these new risks and the industry has been trying to address this need with new products coming on to the market on a regular basis. This is an area where we have seen a lot of “sales” activity from the insurance market, but not a lot of solid advice.
Prevention is always better than cure and insurance is best viewed as a back-stop for when things have gone wrong, rather than a solution in itself.
Insurance definitely has its place here (you would expect us to say nothing else) but it cannot, and should not, take the place of basic security precautions. In many cases, an insurance policy will require that basic precautions have been taken if a claim is to be paid.
To help improve our own IT security, and also to better inform our conversations with clients, earlier this year we gained Cyber Essentials accreditation with the help of Dave Evans at Cyber Aggress. Cyber Essentials is a government backed scheme that helps businesses attain a baseline level of IT security.
We learned a fair bit from this experience and wanted to share some of that information, so here’s our Top 5 Cyber Tips…. Read more