Cyber in 2020: The threats and the solutions


This interview is part of a special report published by Insurance Business Canada.


 

In a discussion with Insurance Business Canada, Trisura’s assistant vice-president of professional solutions, Michael Kalakauskas, weighed in on some of the biggest cyber concerns facing brokers in 2020.

IB | How is the cyber insurance market shaping up in 2020?
MK |
The cyber market has been very volatile for most of 2020. We have seen pricing increases range around 10% to 50%, as well as a substantial increase in deductibles. Furthermore, most markets are reducing their capacity, with limits being greatly lowered on both third-party and first-party coverages. While some markets have pulled back, others have increased their appetite and capabilities. It’s a very interesting time in the cyber insurance world.

From a cybersecurity trend standpoint, the sheer volume of cyberattacks and compromised personal information on a worldwide level is at an all-time high and will only continue to grow with the expansion of things like company interconnectivity, the Internet of Things, the use of cloud services, artificial intelligence and machine learning, automation, and small to medium-sized business vulnerability. These trends point to the need for all organizations to increase their security and awareness in protecting themselves against cyberattacks and data breaches. Cybercriminals and attacks are only getting more sophisticated, so as an industry, we need to keep up with and respond to emerging threats.

Another important trend is the evolving landscape of international data privacy laws and government/regulatory body involvement. These new or updated laws – for example, GDPR in Europe or PIPEDA here in Canada – are making companies move from a reactive approach to a proactive approach towards cybersecurity. We’re now seeing a greater focus on system security and the ability to safely store and use personal information.

In terms of cyber coverage, brokers need to be aware that third-party liability coverage for data breaches is only one piece of the overall cyber insurance puzzle. The trends from a coverage standpoint – and the most common causes of current cyber claims, in our experience – are ransomware, social engineering and business interruption. Not all businesses carry large amounts of personal data that may be targeted in data breaches; however, all businesses are dependent on computers, cell phones and the internet – things that ultimately make them vulnerable to different types of cyberattacks. The one thing that all companies do hold is employee data, which exposes all companies, regardless of size, to a potential data breach.

It is easier to target small and mid-sized companies, as they may not have adequate security measures and resources in place to protect themselves. To safeguard against today’s cyberattacks, small companies must reassess their security position and ensure adequate measures and controls are implemented, including the purchase of cyber insurance coverage and speaking with a true insurance professional.

IB | How has the COVID-19 pandemic – and the accompanying increase in remote work – impacted the cyber insurance market?
MK | COVID-19 remains a challenge for the insurance world. The cyber insurance market should be very concerned with heightened cyber exposures while people work from home with lesser security, employee awareness and procedures. This is the perfect time for cybercriminals to make their move, and we’re already seeing phishing attacks and viruses on the rise in every sector. Also, when working from home, it’s harder to react and deploy an incident response plan or disaster recovery plan, which may result in more frequent and possibly more severe attacks.

It’s a time of great stress and worry, and people are paying less attention. Things that might impact cybersecurity during COVID include older/out-of-date computer software and antivirus software/firewalls, a lack of cybersecurity procedures/policies, a lack of encryption protocols, infrequent password changes, audits not being performed, general misuse of computers and emails, and employees not on high alert. We must all stay vigilant.

IB | Which client groups should be the target markets for cyber insurance this year?
MK |
All businesses – small, medium and large – have cyber exposures, and each company should be having conversations with their insurance broker about adequate cyber insurance coverage and risk transfer options. That said, I would prioritize some of the industries that have not previously bought cyber insurance on a widespread basis. Industries including finance, banking, healthcare, retail and hospitality – all well known for holding and using personal information – have already been exposed to cyber insurance and the risk of data breaches. Industries like construction, transportation and manufacturing, as well as smaller professional offices, however, are slowly being exposed to cybersecurity needs and do need more awareness in this space.

At Trisura, we are trying to increase the exposure of cyber insurance with all of our small to medium-size business clients, regardless of industry type. As mentioned, it is easier to target small and mid-size companies, as they may not have adequate security measures and resources in place to protect themselves. Trisura has a large surety book that comprises clients of all sizes in the construction industry – for example, builders, developers and contractors – and with them being more reliant on technology and computers, it is imperative that we offer cyber solutions as part of their overall insurance and surety bonding package. Likewise, we insure many small to medium-sized professional offices for errors & omissions insurance and directors & officers liability, and we are currently trying to target them for cyber coverage as part of their insurance portfolio.

IB | What features should brokers look for in a cyber policy today?
MK |
Overall, good cyber insurance provides coverage for both an insured’s first-party and third-party losses associated with a network security breach, as well as the loss, theft, or unauthorized disclosure of personal information or confidential corporate information. The coverage should include expenses related to breach notification, extortion threats, public relations, credit monitoring, forensic investigation, defence costs, the costs of judgments or settlements, regulatory claims, business interruption and media liability, among other things. The reality is, every business has an exposure and should be protected accordingly. Exposures come in the form of employee information, customer information, internet access, electronic and network activities, and the overall use of technology.

Specifically, the most important element of any good cyber insurance policy is the claims handling service and response team associated with it. A cyber insurance policy should give clients access to experts in all fields of cybersecurity and make them feel comfortable throughout the whole process, whether it’s a full-blown claim, a possible breach or a system hack. The response team should be quick, flexible and able to handle any type of scenario. A good response team should include law firms and breach coaches; forensics and investigation professionals; public relations and communication specialists; and breach notification, identity repair and credit monitoring firms.

Legal experts can help minimize the risk of litigation and fines in the wake of a breach. They can provide legal advice based on your specific incident, such as determining how to notify affected individuals, government agencies, third parties and others who may be impacted. The law firms and breach coaches can also manage breach response teams and oversee all aspects of the response.

Forensic and investigative providers can advise your organization on how to stop the current data loss, prevent further harm and secure evidence as necessary. They can also determine where, when and how the breach or hack occurred, analyze data sources to determine what information has been compromised, and assist in data restoration.

Public relations providers can help develop both the internal and external communications needed during an incident, as well as oversee crisis management services. They can also provide advice on how to best position the incident to key audiences, update social media and help manage media questions related to the issue. Breach notification providers can help in the form of credit monitoring, credit reports, call centre services and direct mailing campaigns.

IB | If brokers are looking to sell cyber insurance to a client for the first time, what key points should they stress?
MK | All businesses, regardless of size and industry type, have cyber exposure. Regardless of whether they hold or store their customers’ or suppliers’ personal data or corporate information, these businesses have data on all of their employees and stakeholders that is at risk. Furthermore, all companies are reliant on computers, cell phones and the internet and therefore are susceptible to loss in the event of a cyberattack like ransomware, a hack, data loss, payment diversion or phishing, malware, and software or hardware failure.

Cyberattacks are indiscriminate and could come from anywhere. Even if it’s not from an attacker, one of the biggest forms of cyber exposure is the error of an employee clicking the wrong link, sending an email to the wrong person or leaving an unencrypted laptop or cell phone at a public place. Giving a tiny window of access to someone is all it takes. Cyber exposure could come from anywhere, and if it were to happen, it could give rise to significant financial loss.

My rule of thumb is to advise businesses that cyberattacks are not a matter of if but more of a when, and whether the company is able to withstand the financial impact of such an attack or loss. If it is not, or the business would like some additional protection, then cyber insurance is a key to their risk management process, no matter their size of business.

 

Cyber Security and COVID-19: What Everyone Needs to Know


By Sara Ametrano

 

In these times of social distancing and working from home, it’s become even more crucial to ensure strong cyber security measures are in place for your business. Working from home can pose its own challenges and takes adjusting to; the last thing anyone would want is a cyber breach to occur at the same time.

As organizations have moved to a work-from-home state, it can be argued that the risk of cyber exposure is even higher. This is due to an expanded attack surface with potentially weaker security protocols. Employees may also be using devices provided by the company and/or personal devices when accessing the company network, making the cyber playground vaster and more vulnerable.

We at Trisura are also working from home and have compiled some tips and tricks that work for our team to share with you and your clients. This article will highlight several different tools and strategies companies, employees and brokers can use to combat potential cyber breaches.

What organizations can do:

Implementing a multi-factor authentication process (at least two steps) for logging into a company’s network remotely adds an extra layer of security as it requires identity confirmation through a variety of factors. This could be in the form of security questions, multiple email addresses or sending a code to a mobile device.

Installing smart anti-virus software can help to alleviate any worries surrounding breach protection. It is recommended that organizations opt for “next-generation” and intelligence-based anti-virus software since these types of virtual shields can evolve like viruses do. They are programmed to analyze data, such as unique characteristics, rather than simply looking at signatures.

Just as it’s important to always hit the “Save” button as you work, offline and offsite data backup is also good housekeeping for combating ransomware. Frequent backups, both at the PC and network levels, will prove to be useful should you be required to wipe the system clean and reinstall everything.

What employees can do:

Having up-to-date firewalls and technology (i.e. patching) is certainly important, but it doesn’t stop there: ensuring employees have the proper training and information about cyberattacks is equally important. If an attacker tries to obtain personal information through email, for example, employees who know how to spot suspicious emails are more likely to thwart a possible breach than those without cyber awareness.

The employee’s responsibility begins at the login page. Once an attacker knows the username, cracking the password may not be too difficult. To avoid an attacker breaking into your network, here are some password tips to keep in mind:

  • Change your password often;
  • Make your password hard to guess with a combination of upper and lowercase letters, numbers and special symbols; it should not be something related to you;
  • Do not share your password with anyone.

What brokers can do:

As there may be some uncertainty surrounding the vast world of cyber, brokers should familiarize themselves with the risks. Brokers can serve as a resource for their clients and spread awareness through news stories and articles that highlight the exposures.

It’s also important to gain an understanding of where your clients may be vulnerable to cyberattacks. Find out your client’s cyber protection measures and help identify these gaps. With the help of insurance carriers, you can then suggest experts your client can use to strengthen their cyber breach prevention practices.

Now you’re ready

We hope these tips prove helpful in mitigating your and your client’s cyber exposures. Though there are many controls that can prevent cyber-attacks, remember that the human element is the most important piece of the puzzle. Employee errors cause the most breaches, so if the organization has good employee training and awareness policies, you are well on your way to combating the bad actors.

If you have any questions or want more advice, don’t hesitate to contact your Trisura expert.

This article does not intend to provide legal or technical IT advice.  You should consult your own legal counsel or IT professional in connection with matters affecting your own legal or technological requirements or interests.