Even in today's technological age, with so many business-critical tasks reliant on IT systems, we still see many businesses that don't insure and protect their most prized assets: their data and systems.
Cyber insurance is cover that will protect your business from threats from cyber attacks, data breaches, cyber threats, security breaches and malicious software attacks to your IT systems.
In this blog we look at how cyber insurance works, its benefits and why you should consider investing in cyber insurance cover.
Why do businesses need cyber insurance?
There are many types of cyber attacks that your business can face, and these are becoming ever more sophisticated and common. The following are just some of the attacks reported:
- Phishing attacks.
- Others impersonating the organisation in emails or online.
- Viruses, spyware or malware (excluding ransomware).
- Hacking or attempted hacking of online bank accounts.
- Takeovers of organisations or users’ accounts.
- Unauthorised accessing of files or networks by staff.
- Unauthorised accessing of files or networks by outsiders.
- Unauthorised listening into video conferences or instant messages.
SMEs are particularly vulnerable to cyber incidents because they can lack the resources, knowledge, and expertise to effectively manage cyber risks in the business.
The latest Government figures show that around a third of businesses overall (32%) and a quarter of charities (24%) report having experienced any kind of cyber security breach or attack in the last 12 months. This figure rises to 59% for medium sized businesses and 69% for large businesses.*
With over half of UK businesses having suffered some kind of cyber-attack, the need to have cyber insurance in place is increasing. Attacks are becoming more frequent and more sophisticated.
Cyber insurance won’t protect you from an attack but will mitigate the financial and operational consequences should an attack occur in your business.
*Source: Government Cyber Security Breaches Survey 2023
What does a cyber insurance policy cover?
The cover provided by cyber insurance policies will differ. This is why it is worthwhile working with a local insurance broker who is independent and can advise you on a wide range of policies that will suit your business both in terms of cover and budget.
Policies will cover costs, liabilities and losses associated with a variety of cyber incidents. You need to make sure the policy covers all potential risks including ransomware attacks, data breach, cyber-attacks and business interruption. There may be other specific risks relevant to your business, so discuss these with your insurance broker.
Your business is likely to incur costs should a cyber attack occur. These costs can include things such as recovery of data, IT support and advice, notifying victims of data breaches and restoring systems.
If you experience a cyber attack, most cyber insurance policies will also cover things like financial loss to third parties, for example if you transmit a virus to a third party or disclose confidential information and a third party suffers losses. These types of liabilities are often covered by cyber liability insurance.
Limit of Indemnity is the maximum amount the policy will cover in the event of a claim, so ensure the limit of indemnity is adequate to cover the potential costs of a cyber incident.
Often with cyber insurance, you will have access to an incident response specialist who is there to advise and coordinate the steps you will need to recover from a cyber security incident. This may be investigation of your IT systems, legal advice, responding to regulators and securing your systems from future attacks.
Your broker should explain the specific policy's terms and conditions, including the claims process, notification requirements, and any sub-limits.
Cyber risks excluded from cyber insurance coverage
As with any other insurance policy, there will be exclusions. Get your insurance broker to explain these to you. Often with cyber cover there will be exclusions around losses relating to lack of security or because of employees’ actions. It’s therefore important to ensure your staff are well trained on processes and risks and that you have adequate IT support to ensure things like backups and system security are up to date.
Cyber insurance does not replace good cyber security processes and good training; these should go hand in hand with a good cyber insurance policy.
Considerations for selecting the appropriate cyber insurance policy
Choosing the right cyber insurance cover for your business can sometimes be overwhelming. That's where an insurance broker like Harborough Portas comes in. We work on a one-to-one basis with our clients to look at what needs covering in the business and find the best cyber insurance policy for your individual business.
When you look to take out cyber insurance, the insurer will need information around your systems, data and security controls.
Areas to think about when considering cyber insurance are:
- Consider your current cyber risk management policies in your business. How well are your systems and data protected? Aim to reduce risk in your business.
- Understand the volume of sensitive data your company is responsible for protecting. There are tools available to calculate this to prepare for getting cyber insurance quotes.
- Identify the most important data that needs protecting and worst case scenarios you want to avoid.
The Government's National Cyber Security Centre (NCSC) has excellent risk management guidance on its website.
What's the difference between cyber risk insurance and cyber liability insurance?
It can be confusing for business owners as different insurers and brokers may use different terminology and wording to describe their products. Generally, Cyber Risk Insurance is wider cover that can include both First Party Coverage and Third-Party Liability. Cyber Liability Insurance on the other hand might not have the First Party Coverage included, and only cover your liability to third parties because of a cyber incident.
It is important when taking out Cyber Insurance to ask your broker about the coverage included in the policy so you can be sure you’re making the right decision based on your business’s needs.
Ongoing assessments of risks of cyber attacks
It’s worth noting that a lot can change during a policy year and that your business cyber security situation is rarely static. Your business may be installing new software applications, you may not have updated to new software versions, networks might be expanded to incorporate newly acquired companies, and staff might shift more towards remote working. The cyber threat landscape is always evolving, with criminals constantly looking for new vulnerabilities to exploit. For these reasons, it’s crucial you continually assess your cyber risk and we as brokers continue to advise you on your cyber insurance policy.
Manufacturing case study
In 2021, Microsoft identified Microsoft Exchange Server vulnerabilities that allowed cyber criminals to gain access to Microsoft Exchange Servers. Microsoft released updates to patch the vulnerabilities, but one business failed to download the update and patch its software.
The cyber criminal was able to locate the company’s Exchange server using a scanning tool, and as the manufacturer had not applied the patch that Microsoft had released to fix this security issue, the threat actor was able to exploit the vulnerabilities to gain access to our policyholder’s server.
The criminal then installed a piece of malicious code that allowed them to remotely access web servers and execute commands on them, including commands to exfiltrate data or install malware or ransomware.
Luckily for this client, they were covered by cyber insurance and the insurer had a ‘threat intelligence team’ that detected the threat and got in touch with the company to tell them they would suffer a ransomware attack imminently.
This highlights two key points: always apply security updates from major software providers, and cyber insurance can not only cover you in the event of an attack but, with the right policy, help you avoid an attack if the threat is detected.
Legal case study
A law firm suffered a ransomware attack when a phishing email was sent to one of the law firm’s employees from what they assumed was a trusted contact. The email came with what looked like an MS Word document attached and said, ‘please see attached’.
To all intents and purposes, the email looked legitimate and the employee clicked on the attachment. A pop-up then appeared saying it was created in a previous version of Word and to ‘click to enable content’, and the employee clicked this option. This allowed the cyber criminals to enable malicious macros, which resulted in malicious software being downloaded onto the employee’s computer, allowing the hacker to gain remote access to the device.
This allowed the hacker to gain access to every password ever used on the employee’s computer, including the domain administrator account and password originally used to set up the computer. With these credentials at their disposal, the hacker was able to gain higher access privileges across the law firm’s network and launch their encryption software across multiple servers. This resulted in a ransom note requesting that a payment of £195,000 in bitcoin be made in exchange for the decryption key.
Fortunately, the law firm had offline back-ups stored on a USB flash drive that it could look to recover from, and the business had largely regained access to its computer systems within a 72-hour period without having to make the ransom payment.
These are just two case studies, but there are millions of cyber attacks around the globe every day and your business is at risk.
When considering Cyber Insurance options, it’s important to seek advice from a qualified broker who will help you to choose the right policy to cover the potential cyber risks that your business faces, along with the potential loss you could suffer following a cyber attack.
Cyber insurance does not negate the need for tight cyber security systems, controls and employee training in your business. A business is still responsible for its own cyber security, but in the event of a cyber attack, having the right insurance will mean you will have support and cover to deal with the consequences of an attack for both you and other affected parties. Cyber cover can provide crucial support to help your business stay afloat or get back on its feet after such an attack.
How can Harborough Portas help?
As independent insurance brokers, our relationship with insurers through the Brokerbility network allows us to obtain the best insurance cover for your business at the most competitive price, even when competing with the National and Multinational Brokers.
We can advise on the best cyber insurance policy to suit your business needs. Get in touch with us today by calling 0116 260 0506 or email firstname.lastname@example.org for more help and advice on cyber insurance and other commercial insurance.