Requests for Cyber Liability Insurance are at an all time high compared to the last five years as they should be. The security of every network is at risk despite continuous efforts to safeguard valuable and sensitive data. This has become even more evident as the media responds to cyber attacks aimed at government organizations who can hire the best talent and most sophisticated data protection software to ward off an invader. So then, what does this mean for the small business owner when it happens to them? First, consider the various attacks that can devastate your business.
Social Engineering Cyber Fraud
This type of attack is more about conning a person rather than creating a data breach. It comes in the form of an email that appears very authentic coming from someone you know and trust, requesting sensitive data or money for some authentic-looking reason.
A typical example would be for someone who is responsible for wiring funds for major transactions such as a business acquisition. That person would receive an email from the CEO that provides authorization to wire funds to a bank account listed in an email to close rapidly on an ongoing negotiation. The issue here is quite obvious to the Monday morning quarterback. The CEO’s email was hacked and the account listed is a hacker’s bank account somewhere off-shore. These types of hacks are not well publicized in an effort to save the reputation of the company, but they happen frequently none-the-less.
Denial of Service
One of the more common attacks, a denial of service attack is an extreme measure to bring down a computer system. It’s carried out by a virus that has infected multiple computers (sometimes thousands) that attempt to log in to a particular website and causing it to overload and shut down the business’ operation. Recently, Delta Airlines’ system crashed leading to thousands of flight cancellations and leaving thousands of travelers stranded. Delta attributed this to a power outage, but wouldn’t a company that size have generators to backup the power grid?
Phishing is a term that most people are familiar with because it attempted at almost everyone who has an email account. The hacker sends out thousands of emails with a link or attachment that includes a virus. Once the recipient clicks on the link or attachment, the virus is embedded into the system and the hacker assumes control by penetrating the software on the system.
Ransomware has also become popular with the hacking crowd. This is a virus that typically finds its way to your system through a bogus website or email. Once infected, your system becomes “locked” and a message will appear on your screen that you must pay a fee (ransom) in order to have your system unlocked. Some of these schemes are actually bogus and the system is actually locked, but the inexperienced computer user may go ahead and pay the ransom rather than verify that the data was encrypted.
Malware is a catch-all term used to indicate any type of virus or worm that can affect your computer. Once malware has infected your system, it typically causes the intended damage which could also include erasing all of the data on the hard drive.
Most computer users envision a computer hacker to be an overeducated computer criminal, fired-up on Redbull and chain-smoking at four in the morning in their parent’s basement. They also envision a team of sophisticated hackers huddled in a room somewhere in Russia, who have nothing better to do than wreck your digital life and financially devastate your company.
You should also consider that every employee you terminate is also a risk to your system’s well being. Angry former employees are well known for nefarious acts to get even with an employer when they feel they’ve been wronged. They have passwords and they will use them.
Cyber Liability Insurance will not prevent a hacker from stealing sensitive information in your system. At this point, as hackers seem to stay ahead of the anti-virus crowd, there may be little you can do to completely prevent a hacker from gaining access to your system.
A Cyber Liability policy will, however, pay the funds you’ll need if or when your data breach happens. The insurance company will pay for the regulatory fines and additional expenses that result from a data breach. The policy provides coverage for all the expenditures that you’ll have to make to repair your relationship with your customers, employees, vendors, and anyone else’s information that you were responsible for protecting.