THE use of information technology to steal is fast overtaking drug dealing as the crime of choice.
There is no longer the need to break into business premises. Hackers and fraudsters can do this remotely, with less risk of detection and more reward. It is no longer restricted to the lone hacker. In certain parts of the world, cyber crime is organised and on an industrial scale. It is thought that over 100,000 people are involved in hacking and cyber espionage in China alone.
Cyber crime includes theft of money and property, malicious damage to computer systems and extortion. It affects all of us, and statistics show worrying increases in loss frequency and monetary values.
The commercial concerns include theft of money, loss of data and damage to systems, as all can affect business operations and profitability. Loss of information held about others, or email transmission of a virus infected file to others, can result in legal liability for third party injury and loss, regulatory fines, loss of income and reputational harm.
Cyber security and effective risk management will help prevent or mitigate loss. However, IT systems can never be fully protected against all virus and other electronic attacks. Like physical damage to property, losses are almost inevitable. Much like securing business premises against break-ins, action to protect IT systems and data will reduce the risk and potential scale of loss. At a recent Cyber Risks conference in Northampton, a representative of the National Fraud & Cyber Crime Reporting Centre stated that over 80 per cent of cyber crime can be prevented.
Typically, actions should include –
– Fire walls, with intrusion detection and anti-virus software
– Information back-up and regular software updates
– Physical security – particularly for laptops, smart phones and other mobile devices away from your premises
– Employee awareness, including education and password management
– Business Continuity Planning – the investment in back up servers and dual-telecoms to the West Hay site is a positive feature.
If not already considered, a good starting point is the government sponsored Cyber Essentials Scheme. This is already a requirement for government contracts. As cyber threats increase, this type of accreditation looks set to become a minimum requirement for business. It is certainly something to consider for your own partners.
Websites with helpful information include
– Cyber Essentials (www.gov.uk/government/publications/cyber-essentials-scheme-overview)
– CESG (cesg.gov.uk) – the Information Security Arm of GCHQ
– Cyber Streetwise (cyberstreetwise.com)
– CiSP (cert.gov.uk/cisp) – Cyber-security Information Sharing Partnership – closed community
– CPNI – (cpni.gov.uk/) – Centre for the Protection of National Infrastructure
– Get Safe Online (Getsafeonline.com)
However, whatever precautions are taken, losses can happen, and can be insured against. Towergate is a leading adviser on commercial insurance. For more information on Cyber, Crime and Data Loss insurance options, or a free review of how well your current insurance policies protect you already, contact Simon Mitchell, Corporate Account Director at Towergate Insurance Northampton on 01604 887325.
Towergate Insurance is a trading name of Towergate Underwriting Group Limited. Registered in England Company No. 04043759, registered address Towergate House, Eclipse Park, Sittingbourne Road, Maidstone, Kent, ME14 3EN. Authorised and Regulated by the Financial Conduct Authority.