Risk & Business Magazine Rogers Insurance Spring 2017 | Page 26
CYBERATTACKS
Cyberattacks:
The Achilles Heel of the Business World
A
s cyberattacks increase
in Canada and all over
the world, the common
misconception that cyber
criminals are targeting only
large scale organizations remains strong
and could be to the detriment of small
to medium businesses. One of the most
valuable commodities today is data, and
cyber criminals are becoming highly apt at
hacking and breaching security measures.
“In 2015 alone, 43% of cyberattacks
worldwide were on organizations with less
than 250 employees- an 18% rise from
2011,” according to Symantec.
Many companies are struggling to keep
up with the rising prevalence and costs of
mitigating cyber security risks, according
to EY’s 19th Global Information Security
Survey 2016-2017. Moreover, as stated by
EY, most organizations are lagging behind
in preparing their reaction if a breach were
to occur, ignoring the common accepted
notion that “it’s not a matter of ‘if’ you are
going to suffer from a cyberattack, it’s a
matter of ‘when’ (and most likely you already
have).”
Deloitte’s 2015 cyber security survey
revealed that most Canadian companies are
not fully prepared for the rising aptitude of
cyber attackers. Of the 103 organizations
surveyed, only 9% were deemed highly
secure and resilient towards security
breaches.
“In 2016, the average total cost of a data
breach in Canada was $6.03 million,”
in reference to a study conducted by the
Poneman Institute.
While it is crucial to build large scale
defenses and cyber risk mitigations, it
is equally important to prepare for the
disruption a cyber breach could have on a
26
business. Organizations need to be ready to
deal with outcome of a cyberattack in order
to minimize the impact and disruption on
operations.
COMMON TYPES OF CYBERATTACKS
INCLUDE:
1. Holding data for ransom. In this
instance, the cyber attacker will access
crucial information and encrypt files
with passwords that cannot be accessed
by staff. They are essentially holding the
data “hostage” until a ransom is paid. The
University of Calgary was a recent victim
of a cyber ransomware attack, paying a
total of $20,000 to regain access to their
email systems.
2. Malware attacks are prevalent and
diverse, ranging from viruses to spyware
and ransomware. The most frequent spread
of malware attacks is through link clicking
and or downloading email attachments.
In March of 2016, the Bank of Canada
received 15 million unwanted emails, which
were mostly blocked by the bank’s security
measures. Even so, many employees who did
receive the messages either opened emails or
clicked on links designed to compromise the
bank’s highly sensitive information.
The above examples of cyber risks
necessitate both the security safe guards
and the education of employees on cyber
safety. The cost of damaged or compromised
data can seriously impact an organization’s
business objectives, as well as potentially
damage their public reputation.
Cybersecurity is an increasing issue not just
in Canada, but all over the world. Globally,
the cost of cybercrime topped $3 trillion in
2015 and is estimated to reach a whopping
$6 trillion by 2021, according to an analysis
conducted by Cybersecurity Ventures. A
successful cyberattack (which is inevitable
BY: TANYA HAGE COBURN
SHARP INSURANCE
for most business) could cost upwards of
hundreds of thousands of dollars to repair,
or worse if the company’s reputation has
been damaged. Despite the clear risks and
costs of cybercrimes, many organizations are
not adequately equipped with measures to
properly and quickly handle cyber breaches.
To mitigate the potentially catastrophic
damage cyberattacks could have, businesses
need to familiarize themselves with the
comprehensive range of cyber insurance
available to cover them in the event of a
cyber breach or hack. Unfortunately, most
cybercrimes are not covered by standard
property or crime insurance policies. There
are, however, a range of cyber insurance
packages available to cover damages and
liability arising out of cybercrime.
According to Rogers Insurance, examples of
cyber insurance coverage include:
• Coverage in the event of business
interruption due to a cyber attack
• Coverage for data restoration and
rectification in the event of a loss
• Coverage for damages claims for third-
party data breaches
• Coverage for retailers in the event of
lost or stolen credit card data
• Costs associate with breach
notifications
• Reputation management costs after a
cyberattack including engaging a PR
firm and loss of future sales arising out
of customers switching companies due
to damaged reputation.
As experts in cyber liability, Rogers
Insurance can provide businesses with
comprehensive coverage for a variety of cyber
risks. For more information please contact
Rogers Insurance, www.rogersinsurance.ca
or call 1-800-565-8132. +