“Do you send or receive payments electronically?”
- Cybercriminals are increasingly intercepting electronic fund transfers, often by hacking into email accounts, pretending to be someone else, and sending fraudulent instructions.
- Scams are hard to spot because cybercriminals are taking the time to study how their victims send and receive payment requests, and they often come from real email addresses.
- Payments are rarely retrievable as payments disappear into other accounts quickly. Banks rarely refund the losses.
- Cyber insurance can refund the often-significant financial losses that come from these scams. In fact, funds transfer fraud makes up about a quarter of cyber claims globally.
“Do any of your employees work remotely?”
- Ransomware attacks stem from cybercriminals exploiting remote access solutions, whether by conducting brute force attacks which crack simple passwords or by using stolen login credentials.
- Similarly, funds transfer fraud scams often rely on cyber criminals gaining remote access to employee accounts to perpetrate their scams.
- Employees may also be more susceptible to phishing scams whilst working from home, especially when they have no one in the immediate vicinity to ask about suspicious emails.
- There’s always the risk that lost or stolen work devices may result in a data breach.
- Cyber insurance can protect against the financial losses which may be the unintended consequence of remote working, whether that be in the form of ransomware, funds transfer fraud or a data breach.
“Do you collect or store personally identifiable information (PII) like credit card numbers or health information?”
- If sensitive information that you are responsible for is subject to unauthorized access or disclosure, you will most likely have to notify affected individuals of the breach and provide credit monitoring services.
- When it comes to PII, there are usually rules and regulations about how you collect, use and store that information. If you do not adhere to them, you could face regulatory fines and penalties.
- A malicious third party isn’t always to blame. Often, it’s as simple as an employee losing a company laptop or sending an email containing sensitive information to the wrong person.
- Cyber insurance covers a range of costs associated with responding to data breaches, including legal advice, notifying affected individuals and any regulatory fines and penalties incurred.
“How long can your business operate without access to computer systems and the data they hold?”
- You are probably more dependent on computer systems than you realize.
- Understanding that modern businesses are partly or entirely reliant on technology in order to operate, cybercriminals increasingly see ransomware attacks and targeted extortion attacks as easy money. They do this by encrypting key data and demanding large sums of money in exchange for the decryption key.
- Most small businesses lack the technical resources to deal with attacks like these in-house and may not have experience support resources in the event that their systems compromised.
- Incident response teams note that the system downtimes can vary, but in the worst case scenarios, businesses are not operational for weeks or even months after a cyber event.
- Backups are frequently targeted and disabled in these attacks, leaving businesses with little recourse when it comes to reinstating their data.
- Cyber insurance not only gives you access to a range of technical experts to help get you back online fast, but it covers the financial losses incurred as a result of your business interruption and the costs of re-creating any corrupted data. It can even cover the reputational impact of cancelled contracts and customers choosing to go elsewhere.
“Do you store business-critical information on your computer systems, such as client contracts, designs and plans, stock levels and other corporate information?”
- Even if you don’t store PII like customer records or credit card information, you’ll still likely have essential information that you need regular access to, from appointment bookings to intellectual property.
- If business critical data becomes unavailable, it can have a serious impact on your ability to operate effectively, ultimately impacting your bottom line.
“Are you confident that you or your employees will never make a mistake?
- Having good cyber security controls in place can make an organization less vulnerable to attack, but it can never make them 100% secure. Indeed, humans are often the weakest link in the cyber security chain.
- This includes everything from employees clicking on a malicious link or attachment in a phishing email, handing over their username and passwords to fraudsters, using weak passwords, not properly addressing new funds transfer requests with a phone call, or losing devices containing sensitive information.
- Cyber insurance covers the financial losses that can result from these common errors, as well as giving you access to technical experts if someone makes a mistake. It also usually comes with a range of free risk management tools, including phishing tools to help employees better spot suspicious emails.