Cyber insurance for recruitment agencies

category Cyber liability

To School of Risk home

Cyber insurance for recruitment consultants

A job well done

The 21st century way to find yourself a new job is to register with a clutch of recruitment sites and search online. Digital is king in the employment market – all of which makes not only job seekers but recruitment consultants pretty much reliant on the internet.


Website woes

So, when our particular recruitment consultant fired up her PC one morning and tried to log on to her company’s home page, she was surprised to see it timing out repeatedly.

Strange. The site had been working fine the previous evening. And it needed to be working this morning.

The recruitment agency’s website was everything. Without it, nobody could see the jobs it was offering, so advertisers certainly wouldn’t be happy. And as for openings shared across multiple sites, other agencies would already be creaming off all the best candidates.


Searching for answers

First stop was to contact her internet service provider to see if they could help. But everything was reported clear at that end, which meant the issue must be with the server.

A web development agency had built the site and when something serious went wrong, it was usually called to fix it.

Problem was, the developer was stuck in a large and lucrative contract for someone else; they wouldn’t be able to send someone out for several days. And it seemed other IT companies in the area were in the same position.


Good call

At this point our recruitment consultant remembered her cyber insurance and made the call.

Suspecting she’d fallen victim to a DDoS (distributed denial of service attack), the insurer immediately sent out an IT expert to conduct a forensic investigation.

The result was, as thought, a DDoS. This happens when a hacker manages to install malware on a clutch of ‘zombie’ computers that begin sending reams of data to the target. The target is overwhelmed by the traffic bombarding it and goes into meltdown.

The expert helped to manage the attack as it happened, eventually stopping it after 14 hours. (DDoS attacks are notoriously difficult to thwart because the traffic is incoming from multiple infected sources.) He then set about patching up the damage and got the website back up and running by the end of the following working day.


And breathe…

So, crisis averted and business as usual then. But it’s worth taking a look at just how our recruitment consultant’s cyber insurance helped:

  • The IT expert was able to manage and stop the attack, and help get the recruitment consultant back up and running reasonably quickly. Cost of forensic investigation: £2,750.
  • The website was fixed and online again within 32 hours, with no obvious damage. But that was 32 hours the recruitment consultant couldn’t trade. The business interruption part of her policy kicked in, covering the revenue gap in that time. Cost: £1,745.

Total: £4,495.


Blame game

There’s so much data traffic involved in a DDoS attack that it’s almost impossible to trace it back to an original source. So, whether it was an unscrupulous rival recruiter targeting our consultant for commercial gain, or a random hacker just getting his kicks, we’ll never know.

What’s clear though is that recruiting some cyber insurance in the first place was one of the smartest moves our consultant ever made.

Image / photographer: man in suit with binoculars_shutterstock_358366760 |

More from this category

Cyber security for small charities: new guide to staying safe
Cyber insurance for virtual assistants
Cyber insurance for management consultants
Buy online in minutes. Less admin, more business!
yay banner image