Although there is notoriety involved with a hacker attacking the bigger corporations it is actually easier to target small companies, whose IT systems or accounting processes may not be so sophisticated.
We have seen a few of our own clients suffer at the hands of these unscrupulous groups and as painful as it is to admit, even MPI has been a victim!
Companies must regularly check their firewalls, security protocols, back-up systems, general risk management and training, all of which should extend to other systems such a telephone networks.
Plus make sure your account team have a robust checking system in place for supplier/customer payments, bank account change requests etc.
A few examples of incidents below:
- An email string was infiltrated, and the scammer pretended to be one of the recipients asking for the next payment to go to a new bank account, which of course was not the correct account and the money was lost
- Phone hacking attack resulted in one phone diverted to a premium rate number for three weekends before anyone was aware.
- Data protection issues, when a customer database is accessed
Many infiltrations we have seen are made by internal "unhappy" staff
Cyber Insurance will help you cover the costs, including helping you get back on your feet. One thing it will not do is get rid of the grief and hassle caused. Thinking about and implementing some of the measures above will help to reduce that.
The link below will provide more information on the insurance – some liability insurers do add an element of cover for Cyber, although they seem to be removing this now, so we would always suggest a standalone policy with much wider cover.Proposal form
The Product - CyberPro
- Security and Privacy Liability
- Coverage for third party liability claims arising from failure to protect private or confidential information
- Multimedia and Intellectual Property
- Coverage for third party liability claims arising from advertising and intellectual property risks
- Technology Services
- Coverage for third party liability claims arising from any actual or alleged breach of duty, or omission in the rendering of technology services
- Miscellaneous Professional Services
- Coverage for third party claims arising from actual or alleged breach of duty, neglect, error, or omission in the rendering of non-technology professional services
- Network Interruption and Recovery
- Provides first party coverage for a company's own losses as a result of a business interruption event and any additional costs of working
- Property Damage
- Coverage for damage to tangible property as a result of a security event
- Event Support Expenses
- Coverage for costs incurred as a result of an actual or alleged data breach. Includes legal and forensic, notification, call centre services, credit and identity monitoring and personal fraud loss service costs
- Privacy Regulatory Defence and Penalties
- Coverage for the costs associated with a regulatory investigation against the insured and any penalties incurred
- Network Extortion
- Coverage for the costs of an expert cyber extortion negotiator and the cost of any extorsion demanded and paid
- Electronic Theft, Computer Fraud and Telecommunications Fraud
- Coverage for direct monetary loss arising from electronic theft, computer fraud or telecommunications fraud
- Social Engineering Fraud
- Coverage for direct monetary loss arising from social engineering fraud
- Reputational Damage
- Coverage for lost net income due to termination of a services contract by your client or reduction in the value of your business brand
- Bricking Coverage
- Coverage for damage to computer hardware as a result of a security event