There’s a new and increasingly potent threat facing UK businesses: the threat from cyber-attacks. According to the Cyber Security Breaches Survey 2017, 46% of all UK firms were subjected to some form of attack in 2017 – a rise of nearly 100% on 2015’s figure. With the average cost of a breach weighing in at an eye-watering £1,380 for small firms and costs for larger ones often running into the tens of thousands, it’s an issue that’s increasingly hard to ignore. What’s even more sobering is the fact that 76% of small businesses that fall foul of a cyber-attack go out of business within 6 months of the event.
With business in Hull booming – the region’s economic output has risen by 8% cent since 2014, over 20% higher than the UK’s average rate of 6.6% – it would be a tragedy to see this long-awaited recovery stifled by the preventable actions of some remote computer criminals. So, in this latest blog from Coversure Hull – Hull’s leading provider of cyber insurance cover – we’ll give you some advice as to how you can effectively keep the bad guys at bay, and how cyber insurance cover can help. But before we get to that, let’s quickly look at the likely consequences of an attack on your organisation.
Cyber-Attack: What’s The Worst That Can Happen?
Despite the increasing likelihood of an incident, many businesses still view the chances of a problem as low. This explains why an estimated 90% of UK businesses don’t have a formal cyber-attack response plan in place and why an overwhelming number don’t fully appreciate the risks they are running should a breach prove successful, risks that include;
- Costs of system recovery – depending on the type of breach you suffer; the costs of system recovery could be substantial. Self-replicating viruses and worms can wreak havoc with your network and can be extremely difficult to remove
- Loss of data – depending on the perpetrators, it may be that a hacker is after your data; either with a view to holding it to ransom through the use of ransomware or to selling it on. In either event getting it back can be expensive and can leave you exposed to ongoing blackmail
- Fines for data losses from the Information Commissioners Office (ICO) – the ICO was established to help keep people’s private date safe and they take their role very seriously. Many small business owners wrongly assume that the ICO are only interested in big corporations and only hand down fines to the likes of BT who were given a £77,000 fine for sending SPAM emails. That though is a dangerous assumption to make. Only last July Northampton-based Boomerang Video failed to take basic steps to stop its website being attacked and were fined £60,000 when one took place. The cause of the problem was their failure to carry out basic security checks on their site which led to something called SQL injection. A simple failure, a devastating result
- Compensation to third-parties if their systems are infected – if your system becomes infected and you pass that infection on to someone’s system – no matter if you did so unknowingly – you can be liable to pay for their system repairs and compensation. Just think of how many emails you send each day and to how many other businesses – now that’s enough to keep business owner awake at night…
- Reputational damage – the whole premise of the internet is to allow seamless and speedy communication. In the normal course of things that’s great; you can talk to customers and prospects more effectively than ever before without delay. Alas bad news travels fast and if you suffer a breach, the chances are it will be over the web and social media before you can say ‘firewall’. Trust is a massive issue for consumers these days, and the resulting reputational damage from an incident could be something you cannot come back from
- Business disruption – systems down, IT bods pulling your network apart and putting it back together, website offline, all this means business disruption on a massive scale for an indeterminate period of time
How To Prevent An Attack
Depending on the nature of your business and the scale of its operations there are a number of things you can do to protect yourself from exposure. If you’re a sizeable e-commerce operation or recruitment agency that’s heavy on data, then you could look to employ specialists who will try and break into your system – something that Boomerang Video would have been wise to do. If, on the other hand your business is smaller and less complex, then you can take basic steps such as;
- Don’t put off software updates – these updates matter and installing them promptly can help keep you safe
- Make sure your virus protection software is up to date – check daily for updates or better still set your virus protection to automatically update
- Don’t open suspicious emails – inboxes are much better at spotting viruses and malware these days but they are not infallible. If something comes in from someone you don’t know or which has an odd subject line and/or an attachment, just delete it
- Store data in the cloud – cloud services – such as Apple’s iCloud or Windows OneDrive – allow you to store data securely and can significantly reduce your risk of losing data from cyber attacks
- Look after your passwords – sharing passwords, using weak passwords, not updating passwords and using a single password for all your log-ins are all invitations to cyber criminals
- Consult an IT security professional – if your business won’t support a designated IT team, then look to get a consultant to look after your network. They don’t need to cost the earth and they can save your business from disaster
Cyber Insurance: Your Lifeline In The Event Of An Attack
Sadly, for most companies, cyber breaches are a matter of when, not if. If you are unlucky enough to be compromised then having cyber insurance in place could mean the difference between surviving or going to the wall. A high-quality cyber policy can give you help with
- Extortion insurance – covering you for any ransom money you are forced to pay
- Data recovery services – to allow you to use specialist IT consultants to help recover lost or stolen data
- Business interruption cover – to compensate you for any loss of earnings and/or reputational damage following a breach
- System repairs – which will pay for repairs to any digital properties, e.g. websites and databases, and the repair/rebuilding of any security protocols damaged in the attack
- Legal cover – should your data loss result in legal action under the Data Protection Act or action brought by the ICO
- Help with defence costs if your breach contaminates another’s system – should you inadvertently become the source of another’s network breach, cyber insurance will cover you against any ensuing legal action
Like Some More Help?
Businesses large and small need to get serious about the threat from cyber-attacks and do so now. Cyber insurance is a great, affordable way to do it. If you’d like to get some more independent cyber insurance advice, then please call Coversure Hull now on (01482) 434343 and one of the team will be happy to discuss your requirements or offer you a no-obligation cyber insurance quote.