Protecting your Business from Cyber Risks – Part 2
In Part 2 of our cyber risk series, we take a look at what steps you can take to protect your business from a cyber-attack. We also explain what Cyber Liability insurance is and why you should consider it as part of your business security plan.
Tips to stay cyber safe
Prevention is always better than a cure, especially when it comes to safeguarding your business from cybercrime. Here are 10 ways to help protect your business from becoming another cyber-attack statistic.
- Have a plan – One of the first things to establish is an incident response plan. Make sure everyone understands what to do, who to contact and how to recover from a cyber-attack if one were to occur. Your plan should include, among other things, contact details of IT staff and financial institutions (if banking details are compromised).
- Firewalls and anti-virus protection – Embed firewalls and anti-virus software across all your IT systems. Keep track of all your devices and ensure the latest versions of the software are all installed correctly.
- Password protection – Use strong passwords and, if possible, two-factor authentication to strengthen access.
- Train your staff – Whether you have two staff or twenty, make sure your staff are frequently trained on cybersecurity and are aware of potential risks. Preparing your staff with knowledge and tools helps minimise the risk of falling victim to a cyber-attack.
- Backup data – Keep your data backed up regularly and stored off your business premises. Don’t have the backup connected to your network as this will put all your data at risk.
- Storing credit card details – Simple rule: do not store credit card details on websites.
- Third-party vendors – Have any requests to change supplier or bank account details independently verified through a known contact.
- Mobile encryption – Take the extra step to protect your data with encryption for your mobile phones, laptops and any other portable devices.
- Do not pay the ransom – Cyber security experts recommend not paying any requested ransom, as you have no way of knowing where your money is going. Ransom funds have often been traced back to funding terrorism and other crimes, and there is no protection from the hackers striking again.
- Two to sign off – For payments and transfers, have two staff sign off the transaction before it is processed and approved.
What is Cyber Liability insurance?
Cyber Liability insurance* is designed to help protect you from claims and support your profitability in the event of a cyber breach or attack. Costs associated with defending a cyber claim are also covered.
Examples of the types of risks Cyber Liability insurance can assist with are inadvertent loss or release of customer personal information, cyber-crime, cyber extortion/ransomware and business interruption due to a cyber event.
What is typically included*?
- Business interruption costs
- Investigation and data recovery costs
- Fines and penalties
- Extortion costs
- PR and crisis management costs
What is typically NOT covered*?
- Replacement equipment
- Property damage
- Prior known facts / circumstances (before the policy commenced)
- Intentional acts
The insured was a medical service provider. They experienced a ransomware service attack across a number of their websites operating in Australia. The Cyber Liability policy responded to the claim and covered the business interruption costs and the claim costs for IT forensics, contractors, PR specialists and legal staff to remediate the damage. The costs of remediation and business interruption totalled $637k.
Need to talk about your Business Insurance?
Give us a call or jump online to discover a variety of business insurance options to help protect your business. At BizCover, we’re all about making insurance easy and hassle-free, providing multiple quotes from some of Australia’s leading insurers in minutes.
*As with any insurance, cover will be subject to the terms, conditions and exclusions contained in the policy wording. The information contained on this web page is general only and should not be relied upon as advice.