But help is here…
It is clear from talking with Gaurav that he has seen and heard some real issues within this space so is well aware of the importance in finding and offering the correct solutions for individuals and businesses who are looking to protect themselves from the associated cyber risks. A wealth of knowledge, experience and advice was shared during our chat and one that could have continued for much longer than it did. Part two pending.
Lee: “So perhaps the awareness around this subject is growing but to keep it basic to start with, what is cyber insurance?”
Gaurav: “Nowadays everything is on our mobiles and our laptops, so people think they are not prone to cyber attacks, it can’t happen to me but it can and it can happen anytime with it likely that you are not even aware of it happening to you. Cyber insurance will help you not only during the cyber attack but pre and post the cyber attack too.”
Lee: “What are the most commonly seen cyber attacks?”
Gaurav: “Cyber attacks can be a malware attack, they ask for money so it’s extortion, there can be phishing attacks where you receive a hoax email and these are the major attacks that happen most often within this region.”
Lee: “With the number of people now working from home higher than ever due to Covid19 is you seeing the number of requests for cyber insurance increasing or has it not changed?”
Gaurav: “The number of requests has definitely increased, if you compare the last couple of years for example we used to receive one enquiry per month and now we are receiving one enquiry per day. The knowledge and awareness is increasing as people are more exposed to cyber risks, with people working from home, information being stored on the cloud so yes there is a big increase at the moment.
The first step to cyber is security, insurance will act as a backup in case of any unfortunate incident then insurance is there to assist. However, in the first instance we will provide services such as training to staff on how to set the correct passwords, have these changed regularly, which emails they should and shouldn’t open and other ways they can lower the risk so by following such steps they can lower the risk but having the insurance as a backup is also very important as even with the best security intentions and systems in place, breaches can still occur.”
Gaurav: “Normally there can be a loss of data, so we pay for that loss, there can be business interruption because systems are hacked so you do not function for one week as an example. We recently had a claim in which one entity who provides data to banks was hacked and therefore they were not able to provide that data on which banks rely upon, so there was a business interruption loss plus a data restoration cost which we paid for plus we appoint incident response managers and forensic experts who work on the case relating to the cyber attacks so these are the major three costs which occur. If you go to the third party aspect of it, for example there is a hospital and someone has health data with the hospital which is leaked then that person can sue because of the beach against their data.”
Lee: “As cybersecurity improves as does the cyber insurance options, is it true that the actual cyber attackers are also improving?”
Gaurav: “Yes this is true, you can pay hackers to send malware to a website or particular client. These people are professionals who are always trying to find new ways to attack from a cyber perspective. This is why it is important to have the protection in place, it will save you from three kinds of impact, financial, reputational and legal.”
Lee: “It seems an important step for any business or SMEs in particular is to just get an initial review of your cybersecurity/risks, is that possible?”
Gaurav: “Yes, it is best to get a review carried out so understand the risks and what can be done. Honestly for SMEs, it will not cost that much to have the cover so it is much better to have this in place than not.”
As with most types of insurance, this subject is vast and no doubt requires another episode but clearly, it is a subject that should not be taken lightly by individuals or businesses and the value of having protection in place can be immense should you happen to face any issues in the future. The risks of an attack and the cost implications to your business following that are high, so high that it could in fact see some businesses close should they have to deal with the financial consequences of any claim.
There are certain things that we can all do, regularly changing passwords, keeping an eye out for any suspicious emails, ensuring cybersecurity measures are in place but it does seem that no matter what you have in place, sometimes even the most sophisticated systems can be breached. Why? The cyber attackers don’t give up, it’s a challenge (a rewarding one for them), they are evolving, they are getting better and unfortunately, that is only likely to continue. As your last line of defence, a solid cyber insurance policy could just be the one piece of security that an attacker is not able to breach and is therefore invaluable to you and your business.