Cyber-attacks are becoming more and more commonplace due to the increase in Cyber Crime and without specific cyber insurance, you could end up out of pocket. Did you know that a UK business is nine times more likely to have a cyber-attack than a fire?
Why are there more cyber-attacks?
Online cyber crime is easy to commit and very lucrative for criminals. According to The Dark Web Price Index 2020, single credit card details fetch between $12-$20 and PayPal details nearly $200.
The rise of cryptocurrencies such as Bitcoin has also helped to give criminals anonymity when requesting and collecting ransoms.
Cyber-crime has become big business, the Internet has enabled organised crime groups to go online, recruit hackers and set them to work bringing in easy money. Setting up an office dedicated to scamming businesses is a relatively low-cost, low-risk and high-yield proposition.
Why would a cybercriminal target a nursery?
Criminals rarely target a specific sector, but we have seen a rise in UK SMEs as a whole being the victim of a cyber-attack. Almost half of businesses (46%) report having cybersecurity breaches or attacks in the year to March 2020 according to a GOV.UK survey.
It is also much easier for criminal gangs to replicate a small attack, such as a phishing scam. Send it to multiple businesses, requesting a relatively small ransom, rather than hacking a large corporation for millions.
Cybercriminals are also playing on the fears of an ICO fine from a GDPR data breach (which can be up to 4% of your turnover), plus the damage of the associated bad press. Previously a criminal would gain access to your systems and ask for a ransom to unlock it. Now, as well as locking the system, the criminals also steal some data and threaten to post it online unless you pay the ransom.
What might make your business attractive cyber crime?
First, you have to consider how much data you hold. You have children’s data, which if stolen and posted online by the criminals would create a PR disaster. You hold parent details, ideal for identity theft.Also you have bank details, credit card details etc. these are often the most sought after data files. Also, don’t forget all the data you hold on staff including copies of identification, bank information and next of kin data. All of which is stolen would trigger a need to report to the ICO.
Then consider how safe is this data?
We might assume your data is held on the same system managed by a Third Party supplier but do you know how your suppliers keep the data they hold on your behalf safe?
Looking at the security measures within your control, do you have two-factor authentication in place and do you have sufficiently complex passwords?
You may have virus protection software and firewalls. However, criminals are now using multiple complex methods, these attacks may get past your protection and you may need to rely on a staff member spotting the scam. Have you trained your staff about how to spot a potential cyber-attack?
The role of cyber insurance to protect you from cyber crime
Having a cyber-insurance policy will not stop you from becoming a victim of a cyber-attack. However, an insurance policy will provide you with a team of experts to help reduce the impact of an attack. Insurance policies can also include support with PR to manage the reputational damage. Insurers will also help you with the ICO’s 72 hour breach report deadline, ensuring you have the right data in the right format, which if done correctly and in a timely manner, may help you avoid a costly fine.
You also get an expert to hold your hand throughout and talk you through the process of reinstatement and getting your business back up and running. This knowledgeable support can be a godsend when you have multiple systems, a potential breach to report, staff concerns, parents worrying and no way of knowing how to fix it all yourself.
Finally, insurers will often help you make improvements to your system to stop you from falling victim again.
To find out more about cybersecurity and current trends in attacks, check out the National Cyber Security Centre. To find out more about cyber insurance speak to your insurance provider or get in touch with dot2dot.