Cyber security and insurance to become compulsory by 2017

UK companies of all sizes will be required to have cyber security and insurance in place as part of Network and Information Security (NIS) and General Data Protection (GDPR) legislation.

The decision comes after the increasing threat of cyber attacks with cybercrime costing global businesses around £200 billion annually. In 2014, 60% of small businesses experienced a cyber breach with the average cost of a breach being £75,000. (Source: The Insurance Times) – however currently 90% of UK companies have zero cyber insurance in place.

What are the most common cyber attacks?

The biggest fear for a company is to have data or information breached and into the wrong hands. This can lead to a huge loss of revenue and potential lawsuits from clients for mishandling key information. The most common attacks include:

  • Malware – this is a software designed to perform unnatural and unwanted actions on the computer and it can gather and steal information without the user knowing.
  • Virus or Worm – this can be replicated and spread to several other computers and networks.
  • Trojan horse – this is a backdoor code which is hard to detect by the user and can steal, corrupt or destroy data.
  • Phishing – this is a dangerous link which is usually found in an email and it causes the computer to corrupt when clicked.
  • Human – this can be as simple as an employee sending the wrong information to the press, to a competitor or stealing sensitive information from the company.

Hacking is another common method of data breach which stem from everyday causes such as a lost or stolen laptop, an employee visits a website containing malware or accidently shares sensitive information. Just think how easy it is to send an email to the wrong person through the auto-fill features that your email system uses.

If your business processes or holds personal information on your employees, customers or contractors, you’re likely to have a cyber-risk. Ask yourself, what would you do if your data was lost, stolen, altered or destroyed? How could you protect yourself?

What cyber threats are out there?

Cyber in simple terms is the threat or harm to internet services, computer networks and information. As virtually all businesses nowadays depend on their digital technology and information to run their day-to-day affairs, a single successful cyber-attack could have a serious impact on your business.

How can businesses manage Cyber risk?

  • Ensure your staff have appropriate cyber security training, so that everyone understands their role in keeping the business secure.
  • Put in place a “bringing your own device to work” policy if you allow employees to use their own devices to access and store company information.
  • Look at contracts with third party vendors providing you data storage. How do they store your data and what are they liable for if your data is breached?

How could cyber cover help your business?

Cyber cover pays for the expenses after a breach has occurred; forensic investigation experts and remedial costs, mailing costs to people impacted by a breach or being able to offer your customers credit monitoring to detect problems that may arise from a breach.

You might think you need to have big cover limits but a lower limit may be adequate if you’re a small business. Premiums start from as little as £50 for a £25,000 cover limit. How much cover you need depends on the size of your business and the type and amount of data your business manages. Higher limits are also available for larger businesses that handle a lot of sensitive data.

But it’s not just about covering the expenses – it’s ensuring you know what to do when a data breach occurs. Being able to respond quickly is critical to limit the amount of data lost and minimising the damage to your business’s reputation. Find out which level of cyber insurance cover is most appropriate for your business by using our helpful cyber risk calculator.