Cybercrime is an increasingly prevalent threat to UK SMEs, and many business owners are prudently turning to cyber insurance to help mitigate the costs of a successful data breach or cyber attack on their business. But is having cyber insurance enough, on its own, to genuinely safeguard your business and its customers against the threat from online criminals?
Unfortunately, no: while cyber insurance can be an important part of a business's overall risk management strategy, it is not a silver bullet. Businesses should also implement security measures to protect themselves against cyber attacks, such as data encryption and user authentication.
What Is Cyber Insurance?
Cyber insurance is a type of commercial insurance cover that businesses can purchase to financially protect themselves against cyber attacks and data breaches. There are a variety of cyber insurance policies available, and each one offers different levels of coverage. Some policies may cover the expense of investigating and responding to a data breach, while others may also defray the cost of business interruption, legal fees, and reputational damage. You can protect yourself against the most common cyber attacks by enrolling in Cyber Essentials, a government-backed scheme. In order to help protect your business from malicious attacks, it provides a comprehensive set of security controls and policies. Moreover, it provides guidance on how to strengthen your IT defences by identifying and addressing weak points in your infrastructure.
Businesses should carefully consider their needs and risks before purchasing a cyber insurance policy, especially because insurance is no longer a substitute for good security controls. Factors to take into account include the type of business, the sensitivity of the data the business holds, and the likelihood of a cyber attack. Importantly, insurers commonly refuse to provide cover to companies that don’t have basic cyber security controls in place, so it is crucial you consider this first. When shopping for cyber insurance, it is important to compare policies from different insurers and to understand the coverage limits and exclusions.
Notable among these exclusions is the refusal of some major insurance underwriters – including Lloyds of London – to make pay-outs for attacks originating in certain nation states, including North Korea and Russia. This is a concerning development for SMEs, in light of the increased hazard risk of state-orchestrated cyber-attacks from Russia since the start of the Ukraine war, and the alleged state sponsorship of ransomware gangs in North Korea.
The New Wave Of Ransomware
This new wave of ransomware threats is low-tech, blunt, and effective. Many of these criminals no longer bother even encrypting your data. They steal data from businesses with security weaknesses and then threaten to leak it on the public Internet or dark web if they refuse to pay a ransom.
Unfortunately, paying the extortion is no guarantee the gang won’t leak it later or ask for more money in the future not to leak it – in fact, there is every incentive for the criminals to continue using blackmail once they know you have a track record of making payments.
Cyber Security Best Practices For UK SMEs
As the UK's National Cyber Security Centre (NCSC) says, "cyber security is not an IT problem, it's a business one". Here are some cyber security best practices for UK SMEs to help you keep your business safe online.
1. Keep Your Software Up To Date
One of the simplest and most effective ways to improve your cyber security is to keep your software up to date. This includes not only your operating system, but also any applications you use, such as web browsers, email clients, office suites and so on.
Most software updates include security fixes for vulnerabilities that have recently been discovered. By keeping your software up to date, you can help to protect your business from being exploited by these vulnerabilities.
2. Use Strong Passwords And Two-Factor Authentication
Another important cyber security essential is to use strong passwords, and to enable two-factor authentication (2FA) wherever possible.
Strong passwords are long, random and contain a mix of upper- and lower-case letters, numbers and symbols. They should be unique to each account, and you should never reuse a password on multiple accounts.
2FA adds an extra layer of security to your online accounts by requiring users to enter not only a password, but also a code that is generated by an app on your phone or another device. This makes it much harder for attackers to access your accounts, even if they have stolen or guessed your password.
3. Be Careful What You Click On
One of the most common ways that businesses are compromised is by employees clicking on malicious links or attachments in emails. Attackers will often send ‘phishing’ emails, texts, or WhatsApp messages that look like they come from a legitimate source, but which contain malicious links or attachments. If an employee clicks on these, they can inadvertently install malware on their device or give the attacker access to their account.
To protect your business from this type of attack, you should educate your employees about the risks and teach them how to spot malicious emails. You should also consider using a spam filter to block malicious emails before they reach your employees.
4. Back Up Your Data
Regularly back up your data using a secure, cloud-based service. This way, if your systems are compromised, you will be able to restore them from a backup and minimise the impact on your business.
There are many ways to back up data, such as using an external hard drive, a cloud-based provider or a backup solution provided by a managed IT service provider. You should choose a method that is appropriate for your business and make sure that you test your backups regularly to ensure they are working as expected.
5. Consider Using EDR Rather Than Relying On Traditional Anti-Virus
Traditionally, many have used antivirus software for protection of endpoints. However, you should consider using EDR instead. Endpoint Detection and Response (EDR) is a cybersecurity technology that monitors endpoints (including computers, laptops, and mobile devices) for suspicious activities. To mitigate the risk of a security breach, it detects, investigates, and responds to malicious activities on the endpoint. For real-time threat detection and response, EDR typically combines analytics, machine learning, and threat intelligence.
There are many benefits to using EDR, from greater security to advanced threat detection, as it protects against emerging, unknown threats.
Find Out More
If you are concerned about your business cyber security and would like to talk to one of our online security specialists in confidence about your options, please click here to send us a message, or call us directly on +44 333 900 9050.
Image Source: Canva