Has your insurance broker been speaking to you about cyber insurance? If the answer is ‘no’, then they should be! Boswell Aftermarket Director, Joe Howard, explains why:
The modern motor factor, like most businesses, will hold and process data on a daily basis and, therefore, run the risk of attack from cyber criminals. At Boswell Aftermarket, we have definitely witnessed an upward trend of cyberattacks within the trade, and it’s unlikely to relent anytime soon. Motor factors are losing thousands, sometimes tens of thousands of pounds in these attacks and need to be aware of way to protect themselves.
What is cyber-crime?
Cyber-crime is criminal activity carried out via computers or the internet. Individuals or criminal groups target networks to steal personal information for profit. Cyber threats can include:
- Phishing emails: bogus emails asking for security information and personal details
- Webcam manager: criminals takeover your webcam and then blackmail you with the images
- File hijacker: criminals gain access to files and hold them to ransom
- Keylogging: criminals record what you type of your keyboard, which can include important passwords
- Screenshot manager: criminals take screenshots of your computer screen
- Adclicker: fake adverts that give criminals remote access to your computer through a specific link
These types of crime can impact any business both financially and reputationally. These days consumers are aware of the potential risks; according to Zurich SME Risk Index, 25% of mediumsized businesses said they have been directly asked by customers what cyber security measures they have in place.
Under the General Data Protection Regulations (GDPR), where a customer’s personal identifiable information (PII) is lost, stolen or leaked, a company can be fined up to €20 million or 4% of turnover – whichever is the higher figure.
How can you protect your business?
There are a number of ways that you can improve your cyber security to help both yourself and your customers:
Identify the risks: if you understand the risks your business could face, you can protect against them. Under GDPR, businesses have 72 hours to report a breach of personal data or face significant fines, which could have major implications for your business
Update your passwords: this is a very effective way to protect against cyberattacks. A password generator is a good way to come up with robust passwords
Email vigilance: delete emails that look suspicious, and have a training schedule in place to help staff spot anything that looks unusual. Phishing emails are becoming more convincing, and criminals change tactics regularly, so staff need to be updated regularly on what to look out for
What is cyber liability insurance?
Cyber liability insurance can help protect your business assets with cover for:
- Loss or damage to digital assets, such as data or software programs
- Business interruption from network downtime
- Cyber exhortation where third parties threaten to damage or release data if money is not paid to them
- Customer notification expenses when there is a legal or regulatory requirement to notify them of a security or privacy breach
- Reputational damage arising from a breach of data that results in loss of intellectual property or customers
- Theft of money or digital assets through theft of equipment or electronic theft
Third-party cyber insurance can also be arranged to cover the assets of others, typically your customers.
Don’t become a victim…
Virus
An engineering client had a virus planted into its system and was unable to use its IT for five days whilst its IT support resolved the issue. It cost £22,000 to rectify, while all accounting, invoicing, stock control were affected. No payments could be made or received, and it coincided with monthly payroll time, which delayed paying the employees.
System breach
A client suffered an IT breach where 400,000 fake credit card statements were sent to its customers and other companies throughout the UK. The IT costs to rectify the damage, along with the estimated loss of revenue, was £24,000.
System hack
Hackers gained access to a motor factor’s email system and sent emails to all of its customers purportedly from either the chairman or finance director, saying that the company had changed its bank details. Considerable time was spent contacting over 200 customers to tell them to ignore the email as it was not true. Several had already changed their records.
