Cyber Security Awareness Month 2021 Roundup #BeCyberSmart
While Cyber Security Awareness Month has now ended, it’s important to continue to develop your cyber security knowledge – not just during October, but all year round! With cyber risks multiplying rapidly and cyber crime the fastest growing type of crime, we’ve stepped up our efforts this year to #BeCyberSmart and ensure brokers are doing the same.
Throughout the last four weeks of Cyber Security Awareness Month, we’ve explored everything from phishing to Multi-Factor Authentication, gathering key insights from our Cyber & Financial Lines Underwriting Manager, Matt Drinkwater, which you can listen to in our podcast HERE
With this year’s Cyber Security Month being a particularly busy one, we’ve collated our key highlights below – with additional information regarding human error and dealing with a breach.
The issue of remote working
It should come as no surprise that cyber attacks have become more prominent since March 2020, with the key driving factor behind this increase being the rise of remote working. While working remotely offers a number of key benefits, more than 18 months later – the cracks in security are more evident than ever.
Recent data published by Tenable, found that 74% of cyber attacks that organisations have suffered, have been a result of remote work tech vulnerabilities. The report explains that cloud devices, apps, personal devices and remote access tools have essentially eliminated many businesses’ security perimeters and resulted in a stark increase of cyber attacks. The risk of remote working can be distilled down into three key factors: a lack of visibility into remote employee home networks, an expanding software supply chain and cloud migration.
Phishing
Phishing is in no way a new threat to businesses. It has existed for many years and yet still continues to be one of the most popular types of scam employed by cyber criminals. For those unfamiliar with the term, phishing scams commonly involve sending fraudulent emails, or directing victims to fraudulent websites in order to obtain logins or other sensitive information. Looking at recent statistics, UK Government figures show that phishing was by far the most common form of attack faced by businesses over the last year, with 83% of businesses and 79% of charities experiencing a phishing scam.
Educating staff about how to detect phishing scams is one of the best lines of defence available to organisations, along with promoting vigilance and easy-to-follow guidelines. But unfortunately there is always a chance that a phishing attack will be successful, infiltrating an employee’s device or compromising a business’s website. In these instances, it’s vital that businesses have protection, which is where our CyberSafe solution can help.
The importance of Multi-Factor Authentication (MFA)
As online banking services first started to appear in the late 1990’s, banks initially used passwords and codes to protect their customers’ accounts. Within a few yearsthe limitations of these security systems were soon realised, with banks instead introducing One Time generated codes instead.
Thankfully MFA technology is not just restricted to online banking but can be implemented across cloud applications so that businesses can increase access control. With passwords no longer an adequate defence against cyber criminals, it’s vital that businesses use MFA to make sure their networks are resilient.
PICNIC – Human Error
The acronym PICNIC which means ‘Problem In Chair Not In Computer’ is another way of referring to human error. Unfortunately, when it comes cyber claims, around 90% of these are a result of some type of human behaviour. In fact, human error is actually seven times more likely to cause a data breach than hackers.
Taking this into account, it’s vital that insureds take the time to educate their staff about common cyber risks, such as how to spot phishing emails and implement processes to limit the likelihood that their employees will be responsible for a breach in security.
Dealing with a breach
While cyber security software and staff education do help enormously to reduce the risk of a successful attack, unfortunately no system is impenetrable to cyber criminals. In the event of a successful attack, businesses may face extortion and other threats, often leading to severe financial and reputational damage. In these instances, it’s essential that insureds have cyber insurance that covers, cyber response, cyber restoration, cyber expense, cyber extortion and business interruption. Our CyberSafe product not only incorporates all of these features, but also includes 24/7 integrated breach response from ReSecure.
ReSecure is an integrated cyber incident response service, which has been created to provide a ‘one stop shop’ for the full range of services required to manage, investigate, resolve, and recover from a cyber security incident. In the event of a breach, the ReSecure team will advise, assist and guide you through a cyber incident to ensure that:
- the incident is contained
- any compromised data is identified
- notification obligations are assessed
- data subjects are notified promptly where appropriate
- call centre services are engaged as necessary
- credit monitoring and web monitoring are made available where required
- regulators are notified and kept informed
- systems are returned to normal operation
- reputational issues are addressed via the appropriate media
- any liability exposures are assessed and response strategies devised.
For those interested, you can learn more about ReSecure here.
Contact us
For more information about CyberSafe Insurance or our e-trade solution, contact your NMU Development underwriter or our cyber team;
Matt Drinkwater, Cyber & Financial Lines Underwriting Manager – 07748 676262
Cliff White, Underwriter – 07971 923108
John Kellett, Underwriter – 07568 432512
About NMU
NMU is an award-winning provider of specialty insurance solutions
We are the first choice for brokers looking for specialty insurance, offering solutions that are not simply off-the-shelf, but built upon a real understanding of the risks faced by policyholders. This, together with our ability to write risks such as storage, installation, construction and exhibitions outside of the UK and offer terrorism cover on overseas property, sets us apart from the competition.
You can count on us, when you need us most! We are NMU
Our team of professionals based across the UK, provides customers with an in-depth product knowledge and a real personal service.
We provide bespoke insurance products that are not simply off-the-shelf solutions, but built upon a real understanding of the risks faced by policyholders as well as offering added value services to benefit our clients.
Our product and services range comprises:
Cargo Insurance: Marine cargo policies cover goods during import and export, including any incidental storage, as well as domestic distribution. Stock throughput polices can cater for all this plus other, intentional storage…read more
Freight Liability Insurance: Covering the liabilities to which hauliers, freight forwarders and warehouse keepers are exposed when they contract to move or store goods owned by others…read more
Engineering Insurance: Covering contractors’ all risks (CAR), erection all risks (EAR) and contractors’ plant; machinery movement (and installation), breakdown and business interruption; deterioration of stock; and electronic risks…read more
Marine Equipment Insurance: Covering remotely-operated and autonomous underwater equipment – ROVs, AUVs and the like…read more
Terrorism and Sabotage Insurance: Standalone terrorism cover can be a more flexible and cost-effective alternative to traditional placement routes…read more
Motorsport Insurance: Designed for commercial risks, our motorsport policy offers 24/7 cover for teams at all levels across all disciplines…read more
Cyber Insurance: Providing SMEs with a simple, robust solution for cyber liabilities, cybercrime and restorative support…read more
Risk Control: Whilst we pride ourselves on our claims service, there is far more benefit to policyholders in preventing loss and damage in the first place…read more
Online Facilities: To complement our award-winning service, we use online facilities to assist NMU policyholders and brokers alike…read more
Claims Management: We pride ourselves on prompt and efficient claims management, which is supported by the use of independent surveyors and adjusters to quantify larger losses and to give advice on mitigation measures…read more