How to Best Protect your Business against Cyber Threats & Interruptions
Over the last 12 months, the rise of remote work has increased cyber risk and made companies more vulnerable to cyberattacks. While businesses are becoming more aware of cybercrime risks, there is still inadequate understanding of what the risks are, and how to mitigate and insure them.
In this article, we’ve worked with CT Group to explore cybercrime and cyber insurance in 2022 – including how to mitigate cyber risk and how to address a key cyber-related exposure: business interruption.
Remote Work Fuels Cybercrime
Cybercrime has been around since 1834 — when hackers breached the French Telegraph system and accessed stock market data. Since the 1830s, technology has developed exponentially, and so has cybercrime.
In a survey by McAfee, two-thirds of responding companies experienced a cyber incident in 2019. The average reported cost for each company’s most expensive breach was over $500,000.
Since 2019, the rise of remote work has only fuelled the fire. According to the Australian Cyber Security Center, cybercrime reports rose 13% in FY2020-21. Head of the Australian Cyber Security Center, Ms Abigail Bradshaw CSC, commented:
"As we shifted online to do school work or work from home or buy things, or keep communicating, the criminals have also shifted and really prosecuted our online lives to make money or steal our information."
A recent OpenVPN poll supports this statement. Among respondents, 73% of VP and C-Suite level IT managers believed that remote workers pose a greater cyber-security threat than on-site workers.
Companies need to accept that they are constantly exposed to the very real and increasing threat of cybercrime, and that cybercriminals are proactively and constantly trying to find ways to attack unprepared victims.
Key Cyber Risks Businesses Are Facing Now
If your business is reliant on computers to function, a cyber-related business interruption can have a massive impact on turnover. In extreme cases, malicious attacks can hinder your ability to generate income for weeks or even months.
In 2022, cybercriminals are more vicious and dexterous than ever before. And, as businesses trade static workstations for a more ‘fluid office’, the threat of cyber-attacks has increased exponentially. Today, even organisations with advanced security and firewall technology are at the mercy of cybercriminals.
Key cyber risks include:
1. Inadequate passwords
- It does not matter how secure your organisation’s infrastructure set-up is – humans are creatures of habit and their actions are easy to interpret. Weak passwords are an easy target for hackers.
2. Phishing assaults
- Phishing is an older attack method – but, according to a 2021 report by Cisco Umbrella, it still accounts for almost 90% of all data breaches. In a phishing attack, the user receives communication (usually an email) that appears to be from a source they trust.
3. Malware
- Malware, or ‘malicious software’, is arguably the most widespread form of cyber security threat. Malware causes systems to behave strangely. This includes preventing access to programs, deleting files, syphoning information to other sources, and infecting connected systems.
4. Trojan viruses
- Trojan viruses are a form of malware. They disguise themselves as legitimate, helpful software. But under the surface, they are harmful. A common ploy is to send a warning to a user saying that malware has been detected in their system. They offer to scan the device, but the ‘scan’ they carry out is actually the transfer of malware.
5. Cryptojacking
- A definitive sign of the times – Cryptojacking is the act of hijacking a computerised device and syphoning computing power from the machine without the official user’s knowledge. The additional power is usually used to mine cryptocurrency.
6. Ransomware and extortion
- Ransomware can be described as malware’s nastier cousin. Ransomware encrypts your files in a way that is nearly impossible to undo without the necessary software codes. Organisations can be held to exorbitant ransoms to free their systems and data.
This chart shows cybercrime statistics for the 20/21 financial year. It is a good indication of how prevalent cybercrime is in Australia at the moment.
Cyber Business Interruption – The Costs
Most businesses are aware of potential expenses related to repairing operating systems, regaining system access and addressing data breaches following a cyber attack. But, many overlook a critical exposure: business interruption.
An attack-related outage can cost your business thousands in lost profits and unexpected expenses. In a survey by McAfee, in 2019 the average length of a responding business’s longest cybercrime-related interruption was 18 hours. For more than 33% of respondents, attack-related system downtime cost between $100,000 and $500,000.
Cyber business interruption examples:
In 2017 the LA Times reported that a NotPetya worm attack interrupted business at Danish shipping company Maersk for two weeks at a cost of $200-$300 million.
According to Computer Weekly, a 2020 cyber-attack left Avon representatives in several countries unable to place orders. Parts of the Avon UK system remained down more than a week after the incident.
Mitigating Your Cyber Risk & Cyber-Related Business Interruptions
In addition to understanding the risks, and insuring against them, it’s probably most important to ensure companies are preparing for, and mitigating key risks. CT Group has provided a list of tactics all businesses should undertake to manage and reduce their exposure to the growing threat of cybercrime:
- Staff training: Security Awareness and Cyber Training can greatly reduce the vulnerabilities companies face, by creating awareness and helping staff carefully navigate possible pitfalls.
- Enforce cybersecurity policies: Organisations must implement strict policies and set a standard of behaviour when it comes to the safe use of cyber-based company assets. Cloud-based governance infrastructure can help to monitor and maintain sovereignty over the use and exchange of data.
- Inspect encrypted traffic: Encrypted channels are now commonly used by cybercriminals. Adopt cloud-native, proxy-based applications that can inspect, decode, detect, and prevent threats in all HTTPS streams, for each user.
- Up-to-date software: Apply software Patch Management, which ensures that all critical security updates are deployed to the endpoints within the network in a timely manner to address new vulnerabilities and fix them as they are discovered.
- Migrate to the cloud: Move your company’s operations to the Cloud to gain stricter control over network access and avoid locally stored assets. The cloud also makes limiting and granting access very simple.
- Develop a response plan: Prepare for the worst with the right business insurances. Speak to your IT service provider about a data backup and disaster recovery plan and build your response strategy into your overall business continuity program.
- Understand the cover your business needs: Whilst it is imperative to establish what your company’s risk status is, having a clear understanding of the different types of insurances is just as important to make the right choices. For example, having a Cyber Insurance policy is essential to provide Emergency Incident Response, Liability and Financial Loss cover after an attack, while Cyber Business Interruption Insurance exists as a breach response to make up for the income that could not be earned during the restoration period after an attack.
What Is Cyber Business Interruption Insurance?
Cyber insurance is a package of coverages that respond to losses associated with a cyber attack. The package can include cover for:
- Stolen funds & lost data
- Costs to respond to and defend legal actions related to privacy or security breaches
- Costs related to restoring and re-protecting your computer systems
- Incident response costs and access to 24/7 emergency response teams
- Costs associated with investigating and notifying a data breach
In some — but not all — cases, your cyber policy may include business interruption cover, which is arguably one of its most important coverage sections. Similar to traditional loss events like fire or flood, having insurance to restore operations following a cyber event is only useful if the business is able to survive through the restoration period.
The intention of cyber business interruption cover is to cover the revenue you would have earned if you had not experienced the cyber event. It can also cover additional expenses incurred to continue operating as best you can while the insurers help you recover from the loss.
If your Cyber policy does not include cyber BI cover, it is strongly recommended that you either add it to your existing policy or seek an alternative policy with more comprehensive coverages.
Unfortunately, organising Cyber BI cover is not simple. As a new and evolving form of insurance, cover terms can differ from insurer to insurer, and understanding what is best for your business can be confusing.
What Does Cyber BI Insurance Cover?
The insurance market has not yet settled into a standard way of covering cyber business interruption, which means policy terms can vary significantly between insurers.
- Loss of income
Covers the difference between your net profit and the net profit you would have earned without business interruption.
- Operating expenses
Covers ordinary operational expenses that you must continue to incur through the outage, such as rent and payroll.
- Additional expenses
Covers expenses incurred for the express purpose of reducing an outage-related income loss. For example, hiring a tech expert to put a workaround in place or paying customer service staff overtime to process sales by phone.
Your policy may also include or have an option to add:
- Forensic expenses
Covers costs associated with investigating the source of business interruption.
- Contingent business interruption (also called dependent business interruption)
Extends cover to situations where an attack on another company’s systems results in interruption to your business. The policy will usually require you to have a direct relationship with the company in question and would not extend to computer system failures among your customer base.
To learn more about Cyber Business Interruption Insurance and FAQs, discover the full article here.
Should you need more information on Cyber Insurance, please contact the KBI team on 1300 907 344 or visit our cyber insurance page
Should you need more information on Cyber Security, please contact the CT Group team on 1300 434 237 or email [email protected]
© KBI Pty Ltd 2022. All Rights Reserved. Authorised Representative (450152) of KBI Group Pty Ltd (ABN 56 167 437 121, AFSL 494792)