Data breaches are here to stay
I DON'T want to spoil your holiday travel plans, but a recent interview with the UK's Joint Forces Command highlighted that critical transport infrastructure is open to cyber attack, including air and road traffic control, plus rail and other transport systems. And you thought it was just French unions you had to worry about!
Data breaches will be a news staple for the foreseeable future with Dixon's Carphone admitting last month that millions of payment cards and personal data records had been accessed.
From a reputational perspective it's been a painful experience, with customers asking why the news only emerged one year after the hack occurred. Following this, the share prices tumbled by 3 per cent, and the chief executive recognised that the company had “fallen short” of his and its customers' expectations.
Data risks don't have to be solely external though - an internal breach caused by human error is even more likely to catch you out. Of the 3,325 data security incidents reported by the Information Commissioner's Office last year, the most common incident was emails sent to the wrong person.
To prove the point, last month both the Northern Ireland Office and the Department for the Economy demonstrated what can go wrong as one accidentally issued the Secretary of State's briefing lines to the press while the other inadvertently released hundreds of RHI claimants' email addresses.
It demonstrates how acutely organisations need to protect their data, their customers, their reputations and, ultimately, their ability to operate.
Cyber-crime isn't just a problem for big business or those who have the budget to buy protection. There has been an increasing trend of hackers targeting smaller business which are viewed as easy victims, especially professional services firms such as lawyers and accountants who hold a veritable treasure trove of valuable personal data.
The insurance industry has responded by developing a range of cyber security policies to help mitigate this risk. In a recent survey, 90 per cent of brokers felt that demand for these products would grow considerably and 56 per cent agreed that cyber was the most, or one of the most, important insurance risks facing SMEs and consumers.
As the industry has caught up with such emerging risks, companies could in some instances find themselves potentially over-insured. For example, if your firm already has Legal Expenses insurance, that might partially replicate a section included in the new cyber policy.
The advice in all these circumstances is to seek the counsel of a professional broker who will help audit your risks, assess what cover is already in place and help chart out what level of provision is required.
Cyber insurance can protect against a range of potential costs, from ransomware extortion to loss of business income relating to a cyber issue, expenses incurred in repairing damaged websites or even legal costs to help defend and settle claims arising from disclosures of personal data.
Businesses are taking the threat of cyber security seriously and analysts at investment bank Jefferies forecast that the global market for cyber insurance will grow from $4bn in premiums to $7bn in just two years.
Some of that increase – particularly in light of our growing love of smart home technology – will be personal cyber insurance policies. That'll be something to read up on while you wait for your hacked holiday travel plans to be resolved!
:: Michael Blaney is managing director of Autoline Insurance Group (www.autoline.co.uk)