Ransomware is one of the two or three most common forms of cyber attacks. Ransomware is when a cyber criminal locks a person or business out of their data and account and demanding a ransom – or sum of money, – in order to allow people access back into their accounts.
Cyber liability insurance is a trailer to a strong cybersecurity program. The insurance portion helps your organization recover costs associated with the negative effects of a successful cyber attack. Cyber liability insurance cannot prevent you from experiencing loss. A strong cybersecurity program can help mitigate some of the potential losses by making your organization a difficult cyber target.
Cybercriminals are looking for targets with minimum cybersecurity on their systems. If your organization trains your employees to recognize potential foul cyber activity and focuses on an organization-wide goal of cybersafety, you are on the right path to a strong cybersecurity program.
Managing Devices
Device management can seem like such a small part of a strong cybersecurity program, but according to NetStandard 1 in every 3 employees do not lock their work computers when they go to lunch or leave for work (1). This leaves the computers open for every device that accesses your organization’s files. Documents can also be an access point for cybercriminals. An effective device management program encourages your employees to lock down their devices with passwords and to use better when working in public workspaces.
Password Authentication Protection
We’ve previously highlighted the importance of using multi-factor password authentication. Password authenticators vary between digital & physical authenticators, as well as options that are a combination of both. All accounts at your organization should be outfitted with a multifactor authentication process. This added layer of cybersecurity can save your organization
Email, Webpages & Social Media
Cybersecurity is more than protecting your passwords and devices. A strong cybersecurity program includes using smart practices while reading emails, entering data into unfamiliar websites, and safe social media practices. Phishing scamsare one of the most common ways cybercriminals gain access to company information. These criminals pose as a safe and familiar entity and request the victim to allow them access to the account they are trying to take over.
If you have any additional concerns regarding your cybersecurity program and cyber liability coverage contact a Risk Advisor at 914-357-8444
The recent outbreak of the Wannacry ransomware brought renewed attention to the importance of a well-crafted cybersecurity strategy. Every company should have a strategy in place regardless of its size. If you don’t have one yet, there is no time like the present to begin. We previously published an article detailing some key-focus points that should be addressed when developing an organizational-wide cybersecurity strategy.
In this article, we drill down into a handful of steps that can be taken now to begin securing your company’s network and data. This is not meant to be an all-encompassing guide. This is only a starting point. These steps should already be familiar for those that have already implemented a cybersecurity plan. However, the most comprehensive plans are worthless if they are not being executed.
1. Make sure all OS & software updates/patches have been applied.
Microsoft and other software developers such as Adobe and Oracle release updates and patches on a regular basis to improve usability and, more importantly, address security issues. Secure your computer systems by taking the time to install these updates. Turn on automatic updates whenever possible. Set reminders for yourself to check for and install any updates and patches. If you forget once, it is easier to forget again and before you know it months have gone by.
If you are running a PC with a version of Windows earlier than 10, be sure to install any updates and then run the tool to check for available updates again. In many cases, certain updates will not be available until other updates have already been installed.
2. Migrate to a Current Operating System.
Organizations are keeping their existing computers longer than they once did. There can be any number of reasons for this – the computers are “fast enough” to serve the needs of the company, the cost to replace the machines may be too high, or perhaps you need them to support a piece of legacy software that cannot run on new computers. These are all valid reasons but as an OS matures fewer security patches are issued. Eventually, the developer will cease all support. Most newer operating systems will run on older hardware. However, if your hardware cannot support the latest operating system, it may be time for an upgrade as well.
3. Install Antivirus Software.
This should be a no brainer. Many people think they’ll never be a target for an attack and as such don’t bother. For those of you out there thinking you’re “too small” to be a target, here is a sobering statistic: 85% of targets are small businesses. Do your research. There are some good options out there, many of which are free. Make sure protection is installed on all computers. Run scans on a regular basis. Check for and install updates on a regular basis. Antivirus software cannot do its job if it doesn’t know what to protect you from.
4. Password Administration.
More than 50% of people use the same password for all of their logins. Remembering one password is far easier than having a different one for each and every service. This makes compromising access to your corporate systems much easier. Employees should be required to use complex passwords. You can also request passwords to be changed on a regular basis.
5. Set User Access Permissions.
Employees only need access to the data required to do their job. Do they need access to certain sensitive information? Do they need permission to install programs? Narrow an employee’s access and permission only to what is needed. This will better protect your systems should their login be compromised.
6. Backup Your Data.
You may need to restore lost or corrupted data should you be hit with ransomware or your systems are disrupted by another type of attack. Backing up your data to an external hard drive that is always connected to your computer or network isn’t enough. That data can become compromised as well if your backup is connected to the same computer or network that suffers an attack. Hard drives are relatively inexpensive these days. Keep multiple backups off-site and swap them out on a regular basis. It is far easier and less costly to recreate or update a few files than to have to try to recreate years’ worth of data. Another option is to use a cloud-based backup service. Your data is stored off-site and most (but not all) of the burden of protection is transferred to your storage vendors such as Amazon Drive or Carbonite.
7. Transition All Your Data to the Cloud.
This step is a little more advanced than the others. As we discussed in point 6, having your data in the cloud takes a lot of the burden of protecting that data off you and transfers it to your storage vendor. You are reducing the impact ransomware can have by not storing critical information on your computer or network. Keep in mind, however, cloud storage can still be vulnerable to ransomware if you upload an infected file. That is why it is imperative you look for a vendor that can retain multiple versions of files if you decide to go the cloud storage route. You can restore a previous clean version with minimal effort should a file become infected.
8. Discuss Cyber Liability Insurance with a Risk Advisor.
You can do everything to protect your computer network and data. The reality is no system is perfect. Cyber liability can’t stop you from having a ransomware attack or data breach. It will help to cover the costs of investigating the breach. It will help you in the defense of claims from the attack & potential data loss. Many policies may also include cyber extortion costs to address a ransomware attack.
Cyber liability tends to be written on the basis that at least some basic security controls are in place. It is easy to say you are performing these steps on an application. However, if a claim results which could have been prevented by following these steps, it may not be covered.
Contact one of our Risk Advisors today by clicking here to learn more about cyber liability and how it can help your company.
Ransomware is a type of malware designed to deny access to a person’s computer unless they pay the hacker ransom. The NY Times reports that these attacks have grown over the past year with a 41 percent increase in 2019. Ransomware attacks are a growing problem, not only in the severity of the attack but the duration of time an organization is under attack. Also, the time lost from the point of the attack to the backup security.
Cybercrime continues to evolve with the changes in technology. Ransomware attacks have always targeted organizations with lax cybersecurity. Today cyber criminals can embed ransomware onto an organization’s server or website and the ransomware can lay dormant on a machine/server for months while collecting data on the organization.
Business owners should take the time to understand their coverage in their business interruption policies. Since ransomware attacks are becoming easier for cybercriminals to execute, business owners should look into fortifying their digital assets and make sure that they have Business Interruption Coverage in the event their business is attacked. It is scary to think that nothing can be done when faced with a cyberattack, but being prepared for the potential loss revenue/income during downtime due to an attack is just as important as preemptively assessing what cybersecurity measures your organization has in place.
Business Interruption Coverage
Business interruption coverage is only going to help your organization regain some of the financial loss that will occur with a security breach. It is a response to an incident that has occurred, not a proactive approach to stopping a breach from occurring. Without business interruption coverage your organization would not be able to report a claim to help rebuild your business’s lost data. Business interruption insurance covers any income lost due to a disaster, in this case, a disaster would be a ransomware attack or any other type of cyber attack.
A Proactive Approach
Recognizing weak spots in your organization’s cybersecurity is one way to proactively protect your organization from cyber-attacks. Digital has become the new normal. Taking a few extra steps will protect your business assets and save your organization by avoiding a cyber-attack. A few things for your organization to consider are:
Select trusted and reputable telecommunication & telework software for your organization. With more organizations moving to remote work, there has been an uptick in fake telework companies.
Keep an eye out for Business Email Compromise (BEC). This type of compromise can be associated with fake new clients & phishing schemes targeting your employee’s personal data like business logins and banking information.
Use multi-factor authentication when accessing organization sites, resources and files. We previously released an article with our suggestions to prevent SIM-Hacking. Click here to read the guide and learn more about multi-factor authentification.
Ensure all computers & mobile devices have up to date antivirus software installed. Keep all software up to date, including website plugins, browsers, and document readers.
Don’t open attachments or click links within emails received from unknown senders.
Cybersecurity Measures To Take
Another thing an organization does is make sure your employees have the training to recognize ways that criminals attack. Ransomware doesn’t just end up on a server. They place it there through downloaded files or phishing websites.
Train your employees to recognize the signs of a phishing attack. Regularly schedule phishing tests to test whether your employees are practicing safe internet behavior.
Still have questions? Still want more info? Take the proactive approach and contact a risk advisor or call 914-357-8444 to discuss how your organization can protect itself from a ransomware attack and ensure that your organization has business interruption coverage to protect yourself if an attack occurs.
