Cybercrime: Myths and legends
As an independent insurance broker, here at Sector Associates we’re always looking out for our clients, and recent research from Hiscox highlighted a worrying trend; cybercrime is on the up, with the number of businesses reporting an attack rising from 40% in 2018 to 55% in 2019.
Of these, a worrying three quarters were classed as ‘unprepared’, with too many businesses still feeling they weren’t at risk, partly as a result of a number of myths still surrounding cyber security.
We’re here to help, and want to make sure everyone is protected in the event of a cyber-attack, so let’s take a look at those myths…
“Our business doesn’t hold sensitive client data”
Sensitive is a subjective word; you may not be holding people’s medical records, but all data is potentially dangerous in the wrong hands. If you hold people’s names and addresses, not to mention payment card or merchant services, then you hold sensitive data.
“The bank will pay”
This is a common assumption, but it’s not as simple as it seems. Banks may reimburse you if your account has been hacked, but what about if you or your staff have been tricked into handing over log-in details?
It’s also worth noting that banks may not apply the same criteria to business customers as they do to individuals – have you checked the small print?
“The crooks are only after the big companies”
This is one of the most dangerous myths; while large organisations grab the headlines, the reality is that it is the SME sector which is increasingly being targeted. Small businesses face an average of five attacks a year, with higher rates of human error combined with lower levels of IT security making these businesses a target for criminals.
Smaller businesses are also more reluctant to report attacks, fearing that they will get a reputation as being unsafe – reiterating the myth of cybercrime only being an issue for the multinationals.
“We have firewalls and anti-virus software”
Great – but could you be doing more? No single element can prevent cybercrime, as hackers use increasingly sophisticated ways to target victims. Indeed, there have been calls for more of the £640m we spend on anti-virus protection each year to be spent on law enforcement.
“I’m covered under my insurance policy”
Are you? Don’t assume anything, as standard insurance policies don’t generally cover cybercrime. Most insurance companies exclude electronic data under the definition of ‘covered property’. General policies are designed for bodily injury or property damage, and these are carefully defined in the policy, leaving no room to cover electronic data.
How can we help?
There are an increasing number of bespoke insurance products available, many of which provide specialist claims support in the event of attack. The challenge is that there is still a big difference in the terminology used and the cover available between policies. For example, clients may think that a fake email from somebody pretending to be a supplier or the managing director, which leads to a loss, would be covered under a cybercrime policy but this isn’t necessarily the case.
Our managing director, Jamie Jenkinson, said: “It’s great that the insurance industry is reacting but the type of losses are changing each year, as is the insurance cover available. With policies starting at as little as £48 per year, customers need independent advice to help them select the right product for their needs.”
If you’d like to find out more about how you can protect your business from a range of cyber crimes, talk to us on 01845 527428 or email [email protected]