Cyber Security Will Be a Slow Evolution - Harris Balcombe Warns SMEs to Invest in the Right Protection for the Coming Year
2018 has seen its fair share of high profile security breaches - British Airways, Amazon, Facebook and FIFA are only a few of the organisations that have been hit this year and sadly, cyber attacks are occurring more frequently.
Cyber security is not only something large global organisations need to worry about. More than two in five businesses (43%) in the UK identified breaches through viruses and malware, fraudulent emails and ransomware (1). While GDPR compliance has helped SMEs get a tighter hold on their data, there is still a long way to go for business owners to protect their organisations and staff.
With 2019 on the horizon, now is a good time for SMEs to begin planning ahead. At all times they should be ensuring they are working to minimise the risks posed by potential cyber threats, as well as investing in measures to protect themselves across all areas of their businesses.
Cyber attacks are a relatively new phenomenon and many business owners fail to understand what cyber insurance cover even is. It is more than just a case of ‘you get what you pay for’ when it comes to selecting the right cyber insurance to protect their organisations from disruption.
Steven Nock, a partner at the insurance claims consulting firm and loss assessor, Harris Balcombe, is calling for businesses to plan for the year ahead by investing the time in protecting themselves from cyber threats. He believes the time has come for businesses, their insurance brokers and advisers to educate themselves on all things ‘cyber’. Here are his tips for SMEs to help navigate the changing world of cyber safety and insurance:
From the outset, make sure you properly invest the time and work closely with a trusted insurance broker - this is particularly the case when it comes to cyber insurance, given how complex the product is.
We always encourage businesses not to just buy a policy online. Cyber insurance is a complicated product that requires complex and well-considered advice.
When it comes to a potential cyber attack, you must analyse where your organisation is potentially vulnerable or exposed. Then, with the help of a trusted broker, our advice is to find a policy that covers those areas, thus ensuring you have the best possible cover in place to suit your business’s needs. Cyber insurance policies vary greatly and are not ‘one size fits all’.
When you are about to purchase cover, it is important to understand what you’re buying and the terms of the insurer. Ignoring the policy Ts & Cs could cost you at a later stage.
Consult a trusted IT expert and get them involved in implementing counter measures in accordance with your policy. This is something we have done within our own business.
Put strict processes in place to comply with every criteria in the insurance terms. Failure to comply with the terms could result in an insurer refusing to pay out in the event of a breach. At Harris Balcombe, as an example, all staff laptops are fully encrypted with three passwords.
Educate all staff on what they need to do to comply and ensure they do it, as an example regularly changing passwords. This is the first line of defence! Ideally an organisation should have a detailed IT Policy that all staff are required to sign, and compliance should be checked periodically.
Steven Nock, partner at Harris Balcombe comments: “Cyber criminals are constantly changing their tack and finding new ways to disrupt and smaller, less protected, businesses are particularly vulnerable. SMEs need to ensure that they have the best protection in place to keep their data, staff, customers and reputation safe. Investing a day with a trusted IT provider and broker may seem like a lot, but will save them valuable time and money in the long run, should they be hit by a cyber attack in the future.”
(1) Gov.UK Cyber Security Breaches 2018: UK Business and Charity Findings.