Hello, I’m Matt, taking over from Colin this month to write about cyber risks. This is one of the largest systematic risks to all businesses, no matter what industry. As a result, it is one of the fastest growing areas of insurance cover and risk management activity, in line with the fact the businesses are becoming ever more reliant on technology and cloud-based services.
Many funeral businesses believe that they are not a target due to their size, the industry they operate in not being a target for cyber-crime, or their level of IT protections in place. However, it is important to bear in mind that funeral directors are particularly exposed due to the sensitive nature of their work.
It is often the ‘human firewall’ that cyber criminals exploit. Hiscox Insurance Company reported that in 2018, 67% of its cyber claims were due to human error, whether this be clicking a malicious link, loss of a device or falling foul of social engineering techniques to obtain log-in details*.
Under GDPR, should you as a business fail to adequately protect and prevent loss of your clients’ personal or sensitive data, you will be liable to potential damages claims from your customers, as well as to fines or penalties from the Information Commissioners Office (ICO).
A comprehensive cyber insurance policy can protect you against these risks in the following ways:
- 24/7 data breach hotline – whereby if you suspect a data breach you can call, excess free, for expert analysis to investigate if there truly is a breach.
- Following this, if a breach is detected, IT forensic experts will investigate to ensure that the source is located and corrected, and PR and legal teams will ensure that external communications are in place to protect your brand.
- Insurers can also assist with risk management, including employee training, to minimise the risk of a breach in the ‘human firewall’. Cyber criminals will often target the human, not the technology.
Additionally, without a cyber policy any business with an online web presence or who relies on IT systems to transact daily business, will be exposed to the following:
- Cyber-crime, such as push payment fraud or CEO fraud, whereby funds are sent to criminals’ accounts unwittingly.
- Cyber business interruption, via Denial of Service attacks to your website or downtime of systems and platforms that you use to transact business.
- Ransomware, through locking of computers with the promise of an unlock through payment of funds to the criminal’s bank account.
- Harmful reputational damage via social media, including so called ‘fake reviews’.
Cyber criminals do not discriminate against who they target – imagine a house burglar walking to every house in one street just testing locks. They will exploit wherever they find success.
As your businesses move its assets from bricks to clicks, ensure that you have the adequate protection and advice today by contacting our specialist cyber division on 0203 846 5274.
Aston Lark new business account executive