How to protect your business against the threat of cyber crime, by the ACT

In this month’s column for retailers, the Association of Cycle Traders explores how cyber security could save your business

This piece first appeared in the November edition of BikeBiz magazine – get your free subscription here

1. Cyber crime is the fastest growing crime in the UK
The widespread use of technology and the internet all increase the cyber exposures and risks that your business is exposed to, making you vulnerable to an attack. Social engineering attacks are increasing, and these can result in significant losses for companies.

Cyber insurance provides cover for social engineering losses, fund transfer fraud and including forensic investigation costs.

2. Employees will click on something that they should not
A significant amount of cyber claims result from human error, humans are your weakest link in IT security. Data breaches, extortion, theft of funds and ransomware attacks will generally be started by human error.

What seems to be a genuine link can allow access to your systems or collect sensitive information. Cyber insurance can provide access to risk management training which will allow you to provide training to your employees. It will also cover the third party if an employee makes a mistake.

3. Standard insurance policies fall short
Standard insurance policies fall short of providing the level of cyber cover that is suitable for businesses relying on IT to operate their business, such as email, CRM systems, data records etc.

Standard insurance policies were designed to insure buildings, machinery, plant and liabilities, they are not designed or suitable to insure cyber or digital exposures. A standard crime policy generally excludes social engineering, professional indemnity generally does not cover first party costs associated with a cyber event.

A comprehensive cyber policy will fill the gaps left by standard insurance policies and they come with risk management tools, employee training and specialist support in the event of a loss.

4. Your data assets and breach notifications
Data and information are one of the most important assets for most businesses. A standard insurance policy does not provide any cover if your data is lost, damaged or destroyed. Cyber insurance provides comprehensive cover for data restoration, reinstatement or even recreation if it is lost or corrupted.

Under the General Data Protection Regulations (GDPR) you have a legal obligation to notify a breach. Should you lose sensitive personal data you must provide written notification to those individuals that were potentially affected.

Following a data breach, it is now common for a business to voluntarily notify affected individuals to protect its reputation and brand. Cyber insurance will provide the cover for the costs associated when notifying a breach and it also can cover the associated regulatory fines and penalties.

5. External IT usage
Most businesses do not have in-house specialist IT security forensic staff to effectively deal with a cyber incident and its aftermath as well as the long-term consequences a cyber attack can bring.

Cyber insurance will provide you with access to the support you need to prevent, respond and effectively manage a cyber incident. Most cyber insurance policies come with risk management support as well as training for employees to reduce the risk of phishing or social engineering attacks.

Some cyber insurance policies also provide an element of dark web monitoring for signs your data may have been compromised. In the event of a claim, a comprehensive cyber insurance policy will provide you with access to IT experts, forensic experts, PR firms and lawyers to assist you and help to protect your business reputation.

To get a free cyber insurance quote visit the ACT website and check out the business insurance section, or phone Butterworth Spengler on 0151 494 4400.