An Ounce of Prevention: Why Cyber Security Matters

Suppose you own a small business and process customer payments on a remote payment provider’s server. Little risk, right? Well, suppose you download the names and contact information of those customers for use in your next direct mail campaign. A little added risk, but still not bad, right? Guess again – on both counts.

Now, what if you help manage a small to medium-sized municipality? A town is in the business of providing services to its citizens, not making a profit. After all, budget cuts and fiscal restraint are the hallmarks of your “industry.” Still at a reduced risk for cyberattacks? Wrong. In fact, in some ways, the services you provide (water, firefighting, payroll) are more valuable than the customer data a retailer or financial advisor controls.

As a vendor or service provider, you are liable for the data you handle on your customers’ behalf, whether you store that info on site, in the cloud or on a networked server. For municipalities and certain professional sectors, such as healthcare, the data you control and the systems you manage are especially vulnerable to malicious attacks. Even manufacturers, who may only have a handful of external contacts, are heavily dependent on secure data networks.

For sellers, cities and makers, the industries most at risk include e-commerce, financial services, healthcare, manufacturing and government agencies. Whether by data theft, data destruction or something in between, an interruption to your operations can be catastrophic in terms of revenue lost, damaged reputation, services impacted and time required to regain a normal footing.

Let’s look at the most common cyber threats:

Ransomware – An increasingly frequent form of cyberattack where digital control of an organization’s assets – data or physical – is seized and held for ransom.

Cloud Vulnerability – Data storage in the cloud (typically on off-site servers), increases the risk to networks managed by third parties through loss of direct control and creating additional access points.

Mobile Malware – Mobile devices are connected via apps to all kinds of networks, everything from banking to real-time inventories to vital health records. Mobile malware uses smart devices as an access point.

Wipers & Destructive Malware – Not just the realm of geopolitical bad actors, destructive “bugs” can upend a supply chain or bankrupt a business heavily dependent on proprietary software and networked information by removing or destroying existing data.

Weaponization of Legitimate Tools – A common form of weaponization is using commonplace external communications, such as email and texting, to access an organization’s internal networks without being “seen.” Access portals can also be hidden in open and outsourced code.

Supply Chain Interruption – Often overlooked, manufacturing is heavily dependent on digital networks that monitor and control everything from shipping to inventory management to labor availability.

Human Error – The leading cause of data breaches and perhaps the easiest to control is human error. Proper employee protocols are essential to a healthy cyber posture.

Our lives are inextricably linked via digital networks. From the things we buy to the services we use, most facets of our lives are digitally vulnerable. In fact, according to Statista, the average global cost of suffering a data breach last year was $4.35 million! Most data breaches go unnoticed until well after the fact.

Digital connectivity and the ease of living our lives with it can be maintained relatively easily. Prevention is the best way to combat cyberattacks. Cyber Insurance is a great first step in protecting your operations from loss.

Here are the key areas of coverage to consider:

Cyber Liability – Protects from claims against your organization in the event of a data breach. Even if the breach was at your service provider, you can still be held liable as that vendor was acting as your agent.

Damage to Digital Assets – Protects from cyberattacks designed to be destructive. These attacks erase data essential to a business or municipality and can even render digital hardware inoperable.

Business Interruption – Covers revenue lost and costs incurred due to the cyberattack. Lost time equals lost revenue, and this kind of coverage can be crucial to getting back up to full speed.

Risk Management – Pre-emptive planning to minimize the effects of a cyberattack is the most effective recovery plan possible.

Oakbridge covers hundreds of businesses and municipalities against the seemingly inevitable threat of cyberattack. Our cyber insurance experts can help you proactively develop a prevention and response plan, essential to minimizing the damage of digital malice. We’re happy to answer your questions and get you and your organization started.