How do I manage my Cyber Risks?
A UK Government report says, about 98% of large UK firms lack insurance that could help them recover from a serious cyber-attack.
According to the report, 81% suffered a security breach in the last 12 months. The report aims to convince firms to buy insurance to help them manage escalating cyber-threats.
Insurance can show companies how to cope better with attacks and understand the risks they face.
The report revealed that a tiny fraction of large UK firms have taken out insurance that could help pay the cost of recovering from a serious security breach. Whilst in smaller firms, cyber-insurance was almost unheard of.
A separate security survey, in 2014, suggests the average cost of a serious security breach on large firms was £600,000 and £1.15m to recover from. Whilst for smaller firms, costs are £65,000-£115,000.
“The cyber-threat remains one of the most significant – and growing – risks facing UK business,” said Cabinet Office Minister Francis Maude in a statement.
He went on to say, “Insurers can help guide and incentivise significant improvements in cybersecurity practice across industry by asking the right questions of their customers on how they handle cyber-threats,” said Mr Maude.
As well as putting adequate insurance in place, it is important for you to manage your own cyber risks as a business. This is also mentioned above with regards to regulatory bodies. This includes:
- Evaluating first and third-party risks associated with the IT systems and networks in your business
- Assessing the potential events that could cause first or third party risks to materialise
- Analysing the controls that are currently in place and whether they need further improvement.
In 2014 the Government launched Cyber Essentials – a basic cybersecurity hygiene standard to help organisations protect themselves against common cyber attacks. Considering Cyber Essentials accreditation is a good first step in becoming cyber-resilient.
Todd and Cue have also partnered with Wiggle Security; a cyber security firm in Newcastle who take away the hassle regarding cybersecurity and they are able to carry out web audits to ensure you have a put enough cyber countermeasures in place to satisfy both your insurers and any governing body such as the (ICO), but more importantly to deter a cyber attack.
If you suffer a cyber breach, having cyber insurance can make the recovery process as straightforward and rapid as possible (however it is still likely to take a number of days or weeks depending on the severity of the incident). Many insurers include technical assistance with managing a breach as part of the insurance policy – if so, get in touch with them as soon as possible after the breach is discovered.