THE recent WannaCry ransomware attacks, which affected many thousands of computer systems around the world, reminds us about the need to make security against cyber crime a key business priority.
Global statistics published by Symantec in its 2017 Internet Security Threat Report show us that the number of ransomware attacks around the world in 2016 increased by 36 per cent to 463,841. The cost of these attacks is also on the rise, with ransom payments increasing from an average of US$294 to US$1077. This does not include significant additional IT costs, downtime and consequential loss resulting from these attacks. Symantec also reported in a press release on 15 May 2017 that it blocked nearly 22 million WannaCry infection attempts across 300,000 endpoints.
The recent Risk and Confidence Survey by insurer, CNA Hardy, examined the confidence and risk perceptions of 500 business leaders and risk managers of multinational UK companies. Results revealed that in March this year technology risk was among the top three risks these companies worry about. It goes on to say that whilst business leaders see technology as key to agility, speed of adaptation and their ability to compete, on the flip side, technology failure or cyber risk in terms of data security, fraud, corruption, viruses, hacking, privacy, compliance and reputation are persistent worries.
The statistics above and the WannaCry attack demonstrate the scale of the issue and the need to prepare for the inevitable. Businesses need to be alert to the problem, take heed of relevant information in the public domain, review processes and protocols and ensure software protection is up to date. If they don’t, senior managers may be judged to have failed in the performance of their duties and responsibilities. Changes in the UK’s regulatory environment with the introduction in May 2018 of the General Data Protection Regulations, will add to this. Regulations will only increase the risks of reputational damage and civil actions against companies and their directors.
Last month’s global ransomware attack highlights the issue of cyber-crime and why it is so important that businesses identify and monitor all potential risks to minimise the impact caused when the unexpected happens. Insurance does have a part to play in this. For further information and to download a copy of the CNA Hardy Risk and Confidence Survey go to www.cnahardy.com/pulse.
Simon is a Chartered Insurance Broker with more than 30 years’ experience and a wide range of knowledge about insurance for business. This includes specialist advice about emerging risks such as Cyber-Crime and Terrorism.
Towergate Insurance is a trading name of Towergate Underwriting Group Limited. Registered in England Company No. 04043759, registered address Towergate House, Eclipse Park, Sittingbourne Road, Maidstone, Kent, ME14 3EN. Authorised and Regulated by the Financial Conduct Authority.