Phone icon
Menu icon
Professional insurance
with a personal touch
We're here to help
0345 222 5391
Mon-Fri, 9am-5.30pm, local rate & mobile friendly

How to fight cybercrime

21/05/2012

Real threat, virtual world

If the words ‘digital risk’ don’t mean much to you, now might be a good time to do some research.

Because cybercrime – the targeting and attacking of businesses through and for their digital assets – is on the increase.

Figures from consultancy firm PricewaterhouseCoopers indicate that large UK businesses suffered an average of 54 cyber-attacks each in 2011, twice 2010’s level. That’s pretty much one every week.

Further figures, this time from the FSA, show that UK companies dealt with 185 security breaches during June, July and August last year. Doesn’t sound like much but reporting attacks is voluntary and the actual number is almost certainly much higher.

What’s clear is that these attacks aren’t just inconvenient: they cost money. The Cabinet Office estimates that cybercrime costs UK businesses around £21bn a year.

Average figures, again from PwC, show that fixing the worst single security breach costs between £110,000-£250,000 for large businesses and £15,000-£30,000 for small ones.

Worse, data breaches are more expensive to fix than security breaches because there's more at stake. The average cost of dealing with these is a whopping £1.9m – the consequences of negligence, lost business and subsequent system repairs/improvements.

Unseen dangers

So, are you prepared? Do you know what your business is up against? Can you say you’re absolutely protected from rootkits, trojans, spyware, phishing etc?

If you are, what about the rest of it? Digital risks come in all shapes and sizes. There's more to it than just keeping an eye out for unscrupulous criminals with financial and political motives.

Different businesses face different digital risks depending on what they do. For example, a business with an e-commerce website, holding customers’ personal and payment data is at greater risk of a costly breach than, say, a company without a website but which uses email.

Cyber damage can be physical and virtual, first party (yours) and third party (your clients'). Here’s what can go wrong:

  • Property damage: fire and flood can wipe out expensive servers and networks. And our claims records show that company laptops and smartphones go missing on a frighteningly regular basis.
  • Virus transmission: your business could be liable if a malicious program originates from you and damages a client or a third party's systems.
  • Intellectual property theft: your secret, valuable design for that new product/building/brand, for example, are fair game to Johnny Hacker – and available to the highest bidder.
  • Reputation damage: social media can turn a minor customer complaint into a major PR disaster quicker than you can say 'Twitter storm'.
  • Libel and slander: email means communicating at the push of a button. Which potentially means pushing the wrong button and sending the wrong email to the wrong person.
  • Data breach: it doesn’t always have to be the loss of customers’ financial data that causes the biggest problems. It could be employee details or commercially sensitive information. There’s third party liability here in addition to your costs of and finding out what went wrong and fixing it.
  • Business interruption: hardware breaking down, software that refuses to work or firefighting a hacker attack can easily put a stop to your day to day operations. That means lost revenue.

Next steps

As always, a little preparation is all that’s needed.

Start with some basic risk assessment to establish what your exposure is. Take a look at the points above and work out how much any or all of them would cost to put right.

Bear in mind that you’re only as strong as your weakest link. Unfortunately that’s more than likely to be human than technical.

Try to make sure that security isn’t just the IT department’s concern. All employees need to be aware of (and regularly reminded of) the risks. Your company’s security is everyone’s responsibility and it starts with fundamental things like setting strong passwords and not leaving laptops on the train.

Above all, we’d recommend asking an expert to point you in the right direction. Getting good advice on what you can do to protect your business, as well as guidance on the most appropriate hardware and software could be priceless.

As could a robust cyber liability insurance policy. If all else fails, at least you’ll have something to fight your corner and pay your bills.

If you liked this, you might like thesethis...

Does your business insurance have hidden benefits?
Not all surprises are nice. But surprise business insurance benefits hidden within your policy documents aren't to be sniffed at. Here's what to look for:
What's employment practices liability insurance (EPLI)?
Employee disputes can happen despite your best efforts. If you're threatened with legal action, employment practices liability insurance has your back.
What is directors' and officers' (D&O) insurance?
Directors' and officers' insurance is a must if you own or help run a business. That's because you can be held personally liable if things go wrong.

More Advice, News & Know-how

Sign up to being prepared and protected

Get reliable advice on protecting and fine-tuning your business or charity sent straight to your inbox. Plus, receive other occasional bits we think you'll enjoy, like competitions and offers. We promise not to swamp you, and you can unsubscribe easily.

Sign me up