As hackers and cyber thieves are becoming more technology literate, the scale and sophistication of cyber-attacks are increasing. In San Francisco, for example, the San Francisco Municipal Transportation Agency (SFMTA) became victim of a ransomware attack. A user (in SFMTA case an employee) unknowingly downloaded the malware on their computer which then was seized by the cyber criminals’ ransomware. Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
The internet is not a stable institution as many believe. Web companies have tight security protocols that are dedicated to network security infrastructure. In October, Dyn, a web company that controls the internet domain name system, was attacked. Their system was infected with “botnets,” a malware that is designed to bombard a server with traffic that overwhelms the server and crashes.
These are two examples that prove no one is 100 percent safe from cyber-attacks. Tracey Vispoli, President at Berkley Cyber Risk Solutions advises that, “Everyone should assume at some point their data will be viewed by an unauthorized person or group of person with the intent to disrupt, destroy, or hack that information for their own gain or purposes.”
Cyber threats can have an impact on all insurance policies. In reviewing insurance policies, organizations should look for where coverage exists and where there’s a gap. Some policy forms include data breach exclusions while others include some coverage but may not be sufficient in recovering lost data and other expenses accrued from a loss. As cyber threats are becoming increasingly common, cyber policies will also evolve, according to Manny Cho, executive vice president at Risk Placement Services, Inc.
Cyber risk management is a good practice that organizations can do to help protect themselves from losses. But what should organizations do in the event they fall victim to a cyber-attack? Having a cybersecurity strategy can be a good defense. Christopher Roach, Risk and Advisory Services managing director for CBIZ, has a 3R strategy that can be helpful in the event of a breach.
- Recognize: Organizations need to find the source of the incident. Finding the source is important to help minimize the damage. Roach states to look to internal controls. Monitor logs and access to networks to find signs of breaches.
- React: Cut off access point to slowdown the hacker and attempt to preserve the environment that has been compromised. Proactive monitoring, training employees or other IT users, and layered security. Law requires that if any identifiable information has been compromised, the affected parties must be notified. Check with your attorney for more information in the event a breach of this nature occurs. Forensic analysis should be conducted and organizations should look for a tech company that is experienced with cybersecurity risk mitigation.
- Recover: Organizations need to fix the vulnerable areas that led to the breach and discuss what they can do to better secure their data. After they fixed that, Organizations should be implementing a risk management program and do periodic cyber risk assessments.
A cyber insurance policy should be considered as part of your risk management plan. Most policies are designed to protect your organization from various types of cyber threats. For more information regarding cyber policies or if you would like us to provide a quote, let us know. We are here to help.