Cyber-attacks – how you can reduce the risk and secure your business

In this digital age, a single Cyber-attack can have devastating financial and reputational consequences. According to the Department of Home Affairs and Stay Smart Online Australia, the direct costs to an average sized business hit with a cyber breach is estimated to be around $276,000.

Ben Hastie, Director of Sales and Distribution at Resilium Insurance Broking, says that personal information has tremendous value and businesses need to minimise their Cyber risk before it is too late.

“Cyber-attacks have become incredibly sophisticated and are on the rise, as evident with the recent, successful Cyber-attacks on Australian Government departments,” says Mr Hastie.

“The time it takes to resolve Cyber breaches is between 23 and 51 days. That’s a minimum of 23 days that a business may be potentially frozen from conducting any operations.”

Of those businesses that are hit with a Cyber breach, approximately 60% of them will close their doors permanently within six months as a direct result.

“Business owners need to consider the very real effects of a Cyber-attack and whether they could actually cope with the ensuing potential revenue loss, lost customers, brand damage, critical data lost, missed website enquiries and all while still committed to paying staff and other bills.”

The increase in Cyber-attacks in the last few years has elevated Cyber risks as THE number one, biggest global business risk (Business Interruption now ranked number 2) as per Allianz’s recent Global Risk Barometer survey.

What are some of the most common Cyber-attacks?

1. If a Cyber-attack is a Malware breach, it can cause damage to an entire computer network via ‘worms’ viruses or trojans… leaving the computer and the whole network inoperable as the hacker controls the system remotely.
2. If a Cyber-attack is a Ransomware breach, this is a type of malware that encrypts a victim’s files and sees the Cyber attacker demanding a ransom to restore access – usually in payment via untraceable Cryptocurrency.
3. Phishing is one of the oldest types of cyberattacks and it’s still one of the most destructive. It tricks email recipients into believing that the message is something important and from a real provider like a bank or a notice to update Office 365 for example.
4. Denial of service is a type of Cyber-attack is an attempt to make an online service unavailable by overwhelming it with traffic, by compromising systems to flood sites causing the website or server to slow down or crash.

Data is SO valuable that Cyber criminals will go to extraordinary lengths to steal it – and not just remotely.

“We’ve heard of cases where Cyber criminals have purposely dropping infected USBs in public places hoping that people will pick them up and use them,” Mr Hastie revealed. “In other instances, Cyber criminals will go as far as sifting through your garbage to find data to help set up a new identity with your details.”

Things you can do to help be prepared for a Cyber-attack.

1. Consider using extra security measures like multi-factor ID authentication for portable devices like laptops, iPhones and iPads.
2. Conduct ‘safe web browsing’ – don’t click on things that look legitimate. Always check the URL and whether it’s from a trusted sender.
3. Email security is vital – Do not use your personal email for work purposes, never open attachments on unfamiliar emails, don’t click on any suspicious links within emails and consider the email itself as to whether the links look strange or there are spelling/grammatical errors.
4. Password protection – Avoid common passwords which include seasons, city names, pet names, family names. Consider using full sentence passphrases with numbers or symbols (i.e. WelcomeToSharePoint2018!)
5. Lock up important business materials – Don’t leave papers, computers or other electronic devices visible in an empty car or house.
6. Shred sensitive paper records before disposing of them – Cyber criminals aren’t just behind a computer screen and will go through bins to find personal data.
7. Cyber insurance – Talk to a Resilium Adviser about your risk profile and how you can be protected.

Some of the biggest organisations in the world have found themselves successfully hacked, despite having state of the art IT security measures in place. Businesses can no longer afford to be complacent about their Cyber safety, which is why many are including Cyber Insurance as an integral part of their insurance profile.

Talk to your local Resilium Insurance Adviser today about how Cyber Insurance can give you peace of mind that your business will stay operational even if it has been breached by a Cyber incident.

The information provided in this article is of a general nature only and has been prepared without taking into account your individual objectives, financial situation or needs. If you require advice that is tailored to your specific business or individual circumstances, please contact Resilium directly.

References:
1) Australian Government Department of Home Affairs, https://www.homeaffairs.gov.au/about-us/our-portfolios/cyber-security/overview
2) Allianz 2020 Global Risk Barometer https://www.agcs.allianz.com/news-and-insights/reports/allianz-risk-barometer.html