You probably have a cyber-insurance problem, but don’t know it

by | Jun 14, 2021 | Security

 

Good practice last year isn’t good enough anymore. 

Even cyber-insurance providers are getting more selective before accepting cover, or worse, before paying claims.

With the number of claims skyrocketing insurers are increasingly asking, “What did you do to protect yourself from the obvious and known risk from cyberhackers?”

The levels of protection you put in place 1 or 2 years ago probably aren’t adequate for the threats today.  They are evolving so rapidly.

 

So what can you do?

Hackers aren’t waiting for you to make a decision to put protections in place.

They are spending every waking moment trying to find new ways of stealing your data. They have set themselves up as businesses to do evil. They hire the best and brightest talent, and have the latest tech – simply because it’s worth it. Its organised crime and these guys are the mafia of the modern age.

We see continuous hacks on most of our clients. These are attempts to penetrate their firewalls, or guess their passwords on Office 365. We see fake webpages through phishing attempts, and we see techniques to harvest password reset questions by asking for favourite teachers, or first cars, or favourite band on platforms like FaceBook.

That’s why your cyber-insurance and business continuity insurance providers will be starting to ask more demanding questions when you renew your cover. They are well aware of the risk and they want to know that you have taken all reasonable steps.

You need to be able to reassure them that you have:

  • deep endpoint protection
  • a penetration and vulnerability assessment
  • data governance that is fit for purpose
  • awareness programmes for all users and verification
  • dark web monitoring
  • multi-factor authentication and complex passwords

and so much more – the very items we have included in our KARE for Security services. 

The question for you, and your insurer, is what level of protection is appropriate for your organisation so your insurer will cover you if you need to claim?  That is why we have two levels of cyber-protection, and, because this isn’t static, it is why we keep investing and researching additional tools to help defend you from harm.

The Hackers are turning up their attacks on you – are you turning up your defences to match?

One quote we saw recently that rang true was:

“A cybercriminal only has to be lucky once, while a defender has to be lucky every minute of every day.”

 

What’s your next step? We’ve created a simple 9-point checklist to help you navigate the cyber-risk landscape and find the right solution for you.

Service Alert

Service Alert

We're experiencing an extra heavy call volume today and it's proving challenging to respond as quickly as normal.  It's been brought on by an apparent Microsoft change resulting in unexpected Windows 11 upgrades.  These are happening to a number of devices even if...

Penetration Testing

Penetration Testing

Penetration testing is important for businesses because it helps them identify and fix security vulnerabilities before they can be exploited by attackers. It can be a significant job as it needs a team of security professionals to simulate a real-world cyberattack....

What would you do?

What would you do?

Imagine – you are busily going about your day when suddenly your meeting is interrupted.  “No one can access their files!!!” or “We just accidently paid $50,000 to a fraudulent account and we can’t get it reversed!!!” or something similar. What would you do? Where...

Security Updates

Security Updates

We need to make some security changes. These are in accordance with the continued work by Microsoft to protect 365 users.  This will keep your configuration current with their latest advisories but may have some (limited) impact on your IT experience.  It is all about...

Layered Security Works

Layered Security Works

There is no silver bullet in cyber-security. Best practice requires layers of protection. One of those layers is ‘geo-blocking’, which means you can only log in from specified countries and overcomes many of the African and Eastern European hacker fraternities....

Look out for LinkedIn Smart Links

Look out for LinkedIn Smart Links

This is a great example of needing new tools that didn't used to exist, to keep cyber-safe, even if they add cost to our cyber-protection. Hijacking your trust in LinkedIn Cybersecurity firm Cofense have detected phishing campaigns that used LinkedIn links called...

Is it really you?

Is it really you?

News that an elderly woman was tricked out of $100,000 over Facebook won't be a surprise to regular readers.  She was fooled into thinking she was talking to a friend, and then sending money to access some make-believe Covid fund.   AI makes it easy to speak in...