Good practice last year isn’t good enough anymore.
Even cyber-insurance providers are getting more selective before accepting cover, or worse, before paying claims.
With the number of claims skyrocketing insurers are increasingly asking, “What did you do to protect yourself from the obvious and known risk from cyberhackers?”
The levels of protection you put in place 1 or 2 years ago probably aren’t adequate for the threats today. They are evolving so rapidly.
So what can you do?
Hackers aren’t waiting for you to make a decision to put protections in place.
They are spending every waking moment trying to find new ways of stealing your data. They have set themselves up as businesses to do evil. They hire the best and brightest talent, and have the latest tech – simply because it’s worth it. Its organised crime and these guys are the mafia of the modern age.
We see continuous hacks on most of our clients. These are attempts to penetrate their firewalls, or guess their passwords on Office 365. We see fake webpages through phishing attempts, and we see techniques to harvest password reset questions by asking for favourite teachers, or first cars, or favourite band on platforms like FaceBook.
That’s why your cyber-insurance and business continuity insurance providers will be starting to ask more demanding questions when you renew your cover. They are well aware of the risk and they want to know that you have taken all reasonable steps.
You need to be able to reassure them that you have:
- deep endpoint protection
- a penetration and vulnerability assessment
- data governance that is fit for purpose
- awareness programmes for all users and verification
- dark web monitoring
- multi-factor authentication and complex passwords
and so much more – the very items we have included in our KARE for Security services.
The question for you, and your insurer, is what level of protection is appropriate for your organisation so your insurer will cover you if you need to claim? That is why we have two levels of cyber-protection, and, because this isn’t static, it is why we keep investing and researching additional tools to help defend you from harm.
The Hackers are turning up their attacks on you – are you turning up your defences to match?
One quote we saw recently that rang true was:
“A cybercriminal only has to be lucky once, while a defender has to be lucky every minute of every day.”
What’s your next step? We’ve created a simple 9-point checklist to help you navigate the cyber-risk landscape and find the right solution for you.
Ransomware claims increase 27%
The Coalition Insurance "2023 Cyber Claims Report: Mid-year Update" highlights the changing nature of the cyber threat landscape that businesses are currently facing, with a record surge in claims severity compared to the previous year. This is US data but it tends...
Webinar Replay : Learn How to Protect Yourself from the Darkweb Now
What does it mean If your personal details are leaked on the darkweb? Learn how you can manage your risks.The darkweb is a network of websites and servers that are not indexed by traditional search engines and require special software to access. It's a place where...
Protect Yourself from AI Phone Scams: A Terrifying New Trend
The rise of AI phone scams has brought personal targeting to a whole new level. Scammers are using AI-created fake texts (smishing) or even AI -created cloned voices of social media users. It has already found its way to New Zealand shores - New AI combats text...
KARE – Will your support plan need to change?
2008 was a long time ago. New Zealand was a different place. The IT maintenance needs of business were so much simpler! Locally, there was a change of government. Internationally, we were watching the start of the GFC with the fall of Lehman Bros bank. In the...
Putting a light on the dark web with upgraded monitoring
What's the Dark Web? The Dark Web, is often associated with a veil of notoriety, is a part of the internet intentionally hidden from traditional search engines. It requires specific software, such as Tor, to access, offering an anonymous platform where privacy is...
When does using CC in an email become a privacy breach?
Sometimes you need to use the BCC (Blind carbon copy) function in email! Last month, the email addresses of 147 gun owners were shared in an email. Whoever was sending the email put everyone in the 'cc' line. That meant their email addresses could be read by anyone...
Don’t accidentally throw away your WiFi!
Canon just sent out a warning. Wipe your old printers before selling/discarding them! It seems that printer technicians can access the memory and go into settings to uncover old Wifi passwords. Their advisory seems to suggest wiping the settings a couple of times...
Avoiding Subscription Bombs
If 10,000 emails suddenly flooded your inbox, what would you do? Suddenly any real messages will be lost in the blitz of spam that's overloading your screen. It is hard enough to delete all those messages, let alone filter out the genuine ones from the flood. This...
Gotcha!
"GROUP-IB" are a Singapore-based cyber-security provider. They go deep into the cyber-crime sphere and it's paid off. After 30+ attacks, and over $US30M stolen, "OPERA1ER" have been caught! They describe a bad actor who, from 2019, had used the same MO over and...
Look before you click
The latest trend in phishing is pictures! It might be a thumb nail of a picture - a cute pet, interesting garden scene, or some other curiosity. It might be in the form of advertisement. Maybe it is offering a time sensitive, and urgent deal. It might even be a...