“Just as you would insure your company car to protect against unforeseen events while driving on the road, so too should you insure your business against unforeseen events on the global cyber-highway.”
Be Prepared, Get Protected
The global cyber-highway offers SMEs enormous potential to reach out to customers beyond their geographic reach. However it provides cyber criminals that same opportunity.
According to a report by Symantec released in 2013 “the largest growth area for targeted attacks in 2012 was in businesses with fewer than 250 employees; accounting for 31 percent of all attacks.” These attacks are mostly crimes of opportunity.
Cyber criminals seek out those organisations with limited security in order to steal and then ransom sensitive data. By 2014 it was estimated that 45% of all small businesses in the UK were infected by viruses or malware caused by network vulnerabilities.
In some cases cyber-attacks resulted in firms paying out substantial amounts for damages and ransoms, in other more extreme cases, forced a business closure.
As SMEs move more and more to an online presence their vulnerability on the global cyber-highway also increases and so too the potential for cyber-attacks.
Cyber criminals purposefully target SMEs, knowing that their ability to keep abreast of the potential threats and respond accordingly is limited. As more and more SMEs move to a BYOD approach (Bring Your Own Device), the potential for malware to enter internal networks via personal smartphones and tablets, has increased significantly.
Network vulnerabilities are not the only avenue for cyber criminals, others include spear-phishing or phishing; using seemingly legitimate emails and websites to gain access to internal servers to again steal and compromise sensitive data. Innocent employees clink on these links which in turns opens up a portal that cyber criminals can use to their own advantage.
At their recent conference in April 2015, the Australian Cyber Security Centre indicated that the trends of spear phishing and ransomware (returning sensitive data and or reinstating crashed networks) will only increase and that these attacks would not just be limited to data theft, but also take on a more sinister element of destruction.
Implementing a Holistic Cyber strategy
The key to mitigating these cyber threats is to ensure as an SME owner you have a transparent and accountable strategy to mitigate, respond and resolve any and all cyber-attacks.
A good strategy will include a documented ICT plan which addresses the physical network risks, reduces network vulnerabilities and an action plan to address new network threats.
As well, SMEs need to develop and implement clear policies and guidelines, reinforced by regular training to address risks associated with inadvertent network exposures by employees.
SMEs should also consider the value and benefits of acquiring insurance protection which allows them to cover the cost of any breaches incurred by them or third parties, without impacting vital cash-flow.
Your data assets are an important tool of trade. Just as you would insure your company car to protect against unforseen events while driving on the road, so to should you insure your business against unforseen events as you navigate the cyber-highway.
As some SMEs can already attest to, resolving cyber-attacks can put significant strain on the business or in the worst case cause business failure.
The global cyber highway is a great business tool for SMEs but with it comes a responsibility to be aware and responsive to cyber threats: In this new world of doing business on the global cyber-highway SMEs need to be prepared and get protected.
About the Author:
Kerri Lawrence is a Director with SPRIG Insurance, niche insurance specialists who provide innovative, flexible solutions to support SME risk management strategies.