In Insurance Times’s April 2021 issue, Aviva’s head of cyber insurance Neil Arkle discusses the importance to all businesses of having cyber security in place and how brokers can help clients reduce their vulnerability
The recent Aviva Risk Insights report identified cyber security and cyber incidents as the fifth-largest major risk facing UK businesses today, and the exposure to cyber risks will only increase.
All businesses need to build their cyber resilience to face not only current exposures, but to plan ahead, ensuring this becomes part of their day-to-day operations to manage this growing risk.Almost all (98%*) of businesses rely on digital communications or services of some sort and the importance of securing and maintaining such systems has never been so crucial.
Lack of awareness of the threat of cyber exposures can no longer be used as a reason for not being sufficiently protected. So, while the awareness of cyber exposures should be high, a major issue rmains the lack of understanding of the threat and the impact it can have on businesses of all sizes. As trusted business advisors, both insurers and brokers have a big role to play in supporting businesses to address this.
Insuring the intangible
Business owners usually have no qualms about insuring their business premises, vehicles or valuable equipment and machinery as they can easily place a value on these tangible assets.
However, it is not so easy to assess the value and importance to a business of the information and data it holds and the potential impact of allowing access to the wrong people. It’s not only the obvious financial impact of access to company or customer bank details, or even the threat of ransom for holding information.
Businesses also need to consider the interruption such incidents can cause – the time it would take away from the running of their businesses to not be able to access systems they use on a daily basis, for example.
The overall impact on a business can be devastating, and that’s not even considering the reputational impact it could have on their customer base.
The Aviva Risk Insights report showed that 44% of business leaders, when asked which particular exposures would impact their business as a result of cyber attacks, cited disruption to their business operations, while one-third identified loss of customer confidence and damage to reputation and brand.
Human error
Most businesses will have some form of security software in place and larger ones will have IT specialists or departments, but assuming this is enough to ensure the safety of their data and information can be catastrophic.
Around 90% of cyber breaches can be attributed to human error**, whether an employee clicking on a malicious link, or business owner responding to an email without conducting security checks. It’s therefore vital that businesses educate themselves and their staff to identify signs of cyber loss, including cyber crime, and follow set processes and procedures to eliminate their impact.
Support, such as the top twelve tips to protect against a cyber attack, available on the Aviva Risk Management Solutions website, are good sources of information for business to do this.
Cyber security experts have seen that attackers move quickly to launch phishing attacks around other threats or humanitarian disaster events, and the increase of homeworking, as a result of the Covid-19 pandemic, has led to increased opportunities for cyber crime.
Stretched IT security measures, employees relying on personal networks or devices for business use, even working in isolation and under reduced supervision, are all contributing factors putting considerable stress on infrastructure and support systems.
All of which increases the susceptibility to a cyber attack. In many industries the trend for this way of working may be with us for a considerable time.
This only increases the need for businesses to be vigilant in ensuring employees are not only aware of the threats they face and how to identify them and respond, but also to have the protection in place to react quickly and effectively to ensure any attack has the minimum possible impact.
With the digital revolution showing no sign of slowing, the 5G rollout, the increase in internet enabled devices and advancing development of robotic technology, etc, there’s never been more need to increase our awareness of cyber exposures and advise our clients to do the same.
*Cyber Breaches Security Survey 2019, DCMS
**Phishing dominates UK cyber threat landscape, shows analysis of latest ICO figures, CybSafe press release, 2020