Good practice last year isn’t good enough anymore.
Even cyber-insurance providers are getting more selective before accepting cover, or worse, before paying claims.
With the number of claims skyrocketing insurers are increasingly asking, “What did you do to protect yourself from the obvious and known risk from cyberhackers?”
The levels of protection you put in place 1 or 2 years ago probably aren’t adequate for the threats today. They are evolving so rapidly.
So what can you do?
Hackers aren’t waiting for you to make a decision to put protections in place.
They are spending every waking moment trying to find new ways of stealing your data. They have set themselves up as businesses to do evil. They hire the best and brightest talent, and have the latest tech – simply because it’s worth it. Its organised crime and these guys are the mafia of the modern age.
We see continuous hacks on most of our clients. These are attempts to penetrate their firewalls, or guess their passwords on Office 365. We see fake webpages through phishing attempts, and we see techniques to harvest password reset questions by asking for favourite teachers, or first cars, or favourite band on platforms like FaceBook.
That’s why your cyber-insurance and business continuity insurance providers will be starting to ask more demanding questions when you renew your cover. They are well aware of the risk and they want to know that you have taken all reasonable steps.
You need to be able to reassure them that you have:
- deep endpoint protection
- a penetration and vulnerability assessment
- data governance that is fit for purpose
- awareness programmes for all users and verification
- dark web monitoring
- multi-factor authentication and complex passwords
and so much more – the very items we have included in our KARE for Security services.
The question for you, and your insurer, is what level of protection is appropriate for your organisation so your insurer will cover you if you need to claim? That is why we have two levels of cyber-protection, and, because this isn’t static, it is why we keep investing and researching additional tools to help defend you from harm.
The Hackers are turning up their attacks on you – are you turning up your defences to match?
One quote we saw recently that rang true was:
“A cybercriminal only has to be lucky once, while a defender has to be lucky every minute of every day.”
What’s your next step? We’ve created a simple 9-point checklist to help you navigate the cyber-risk landscape and find the right solution for you.
Manage My Health Data Breach – What We’ve Heard
What New Zealand Businesses Need to Learn from 126,000 Compromised Patient Records New Zealand's largest patient information portal confirmed a major cyber security breach on New Year's Eve, with up to 126,000 users potentially affected. The Manage My Health incident...
URGENT ADVISORY: We’re seeing a significant increase in authentication attacks this Christmas
Significant Hacking Trend Over this 2025/26 Christmas and New Year period, our Kinetics KARE security monitoring has detected a significant increase in sophisticated authentication attacks targeting New Zealand businesses. KARE Foundation clients are protected and...
Your Customers Need to Trust Your Emails: Here’s How DMARC 2.0 Helps
Yet another IT acronym: "DMARC" DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. It's an email authentication protocol that helps protect your domain from being used in email spoofing, phishing attacks, and other cyber...
Christmas is coming. But will you get a visit from Santa or from a grinchy hacker?
Protecting Yourself from Cyber Threats While on Holiday We're more vulnerable than normal to hackers at this time of year. Unfortunately, the hackers know it and tend to be more aggressive.In the rush up to Christmas, there's normally so much to do that we're all that...
Understanding Your Microsoft Secure Score: Why Your Percentage May Drop (While Your Security Improves)
Important Update for KARE Foundation Subscribers If you've noticed your Microsoft Secure Score percentage decreasing recently, don't be alarmed. Your security hasn't weakened. In fact, Microsoft is making significant enhancements that will ultimately make your...
2025 Q4: Cyber Landscape Update (are you still feeling lucky? New Zealand’s Cyber-threat landscape demands action)
Why This Brief Matters A cybercriminal only has to be lucky once. You have to be lucky every minute of every day. That remains the stark reality for kiwi businesses in Q4 2025. This isn't another dry technical report filled with acronyms and alerts. Kinetics has...
SpamGPT: When AI Becomes a Phishing Playbook—And How to Protect Your Business
For years, we've told businesses to watch for telltale phishing signs: poor grammar, suspicious sender addresses, generic greetings. But what happens when cybercriminals have access to the same sophisticated AI tools your marketing team uses—except weaponised...
The Rise of AI-Powered Ransomware
Unveiling a dark future: The First AI-Powered Ransomware In a groundbreaking discovery, researchers at ESET have uncovered what they believe to be the first known AI-powered ransomware strain, aptly named PromptLock. This sophisticated malware is not just a step...
Webinar Replay: Rethinking Endpoint Security: Smarter Strategies for a Safer Business
Cyber-protection keeps getting more complex, more restrictive and more expensive. This month we are talking with expert Thomas Shobbrook. He updates us on the latest security trends and help us understand how well protected your device is out-of-the-box. We ask...
Webinar Replay – Securing the Mobile Frontier: Cybersecurity Essentials for Phones and Tablets for Modern Businesses
As mobile devices become the backbone of modern business operations, they also present a growing target for cyber threats. Apple or Android - they're both important. Every time you use these to access your Teams, Email or anything else, you are relying on them to be...