Cyber risks pose some of the biggest threats facing companies today and the frequency, severity and sophistication of cyber attacks continue their rapid upward trajectory. The information age is changing your Business models and Insurance needs, and with more stringent privacy-related regulations being enforced the stakes have never been higher for companies failing to adequately protect themselves and their customer data.
No company is immune to these digital age exposures, as some recent real-life examples will attest to:
Example 1 – Ransomware Attack
A customer called to advise they had been hacked at the highest administrator level within their company. The hackers executed a ransomware attack on all 8 of the company’s servers and requested US$14,000 per server (US$112,000 in total) be wired to an account in order for them to recover their access and data. Not only is this a potentially crippling cost to bare, the incident also posed a critical disruption to normal business operations.
Fortunately, they held a Cyber Insurance Policy, and within half an hour of lodging a claim a tele-conference was arranged with the customer’s IT service providers, the insurer’s IT forensic examiners and other representatives to determine the best course of action in response to the ransomware (which included the insurer potentially paying the ransom if it was deemed there was no other alternative). Within 24 hours a report was compiled outlining how each party would proceed, and by that evening 2 out of 8 servers were functional with no issues to report, so business could carry on whilst the rest of the data was fully recovered, and the claim was resolved.
Example 2 – Email Hackers
A customer was contacted by a supplier who was enquiring about $5,590 worth of unpaid invoices relating to their business. The customer advised they had paid the invoices using the details provided to them over email. When they quoted back the bank details from that email to the supplier it was discovered that these were incorrect. Further inspection identified that a hacker had gained access to the customer’s system and intercepted the supplier’s original email and invoice, changed the bank account details and delivered it to the customer from an unauthorised email address. Regrettably, and without a Cyber policy in place, the customer had fallen victim to the scam and needed to pay the supplier in full again to ensure business operations continued as normal, putting them out of pocket. Obtaining reimbursement from the hackers through the police became a separate and potentially unsuccessful exercise.
Unfortunately, hackers are becoming increasingly sophisticated when it comes to gaining access to your systems, and from there these malicious operators send emails and deceitfully request you transfer the money to their bank account rather than the intended recipient.
Don’t Go on Thinking ‘It Won’t Happen to Me’
These are merely two examples that show no matter the size or scope of your business; the threats to your data, operations, financials and reputation are more real than ever before and advances in technology will only serve to fuel new cyber exposures in the future.
Reducing the likelihood and severity of a successful cyber-attack, backed up with a Cyber Insurance Policy in the event anything goes wrong should be paramount for all businesses that interact with the digital world in any capacity.
Should you wish to discuss your cyber exposures or obtain a quote for a policy, please contact your Account Manager to discuss the best solution for your business.