Back
Cyber Security

Protect and serve: insurers and their customers must step up on cyber crime


Ransomware insurance protection is a new and somewhat unwelcome additional cost consideration for the UK’s small to medium-sized business sector. Driven by the pandemic, organisations have largely or at least partially moved to remote operations. This creates a problem for both insurer and insured. Adequate protection against cyber criminals is very much a moveable feast being eaten on shifting sands.

Essentially, there is a stand-off as insurance companies try to limit risk exposure while under pressure from customers who insist they receive the cover their premiums are paying for, whether they are right or not. A compromise solution is needed, but first, both sides need to convene and at least agree on a basic framework for progress.

The responsibilities of the insured

If the owners or managers of a bricks and mortar business did not lock all of its doors and windows at the end of the working day or told the regulars in a nearby pub about how their physical security worked they would rightfully be considered reckless or worse. And yet many SMBs are accused of being similarly lackadaisical in their approach to cyber security, with minimal staff training and a distinct absence of top-down seriousness. This is especially true when staff are working from home, including on BYOD (bring your own device) computers, tablets and smartphones.

The responsibilities of the insurers

Where customers take adequate steps to protect themselves, it stands to reason that insurers should acknowledge these efforts. But how, and to what degree? Providing clearer and more transparent guidance on what level of cover comes with what level of security protection would be a good start – this is felt to be somewhat absent at the moment. It would also help if insurers themselves hired more cyber security expertise into their businesses – again something else that many familiar with the industry feel is lacking. Once all of this is in place, policies can become stricter while the insured’s operations become smarter and more effective out of necessity, on all counts.

Source: techradar pro


RELATED INSIGHTS


Cyber Security

Ransomware & ransomware DoS: similar but different

Ransomware and RDoS (Ransomware Denial Of Service or Ransomware DoS) have a common objective and some of their tactics overlap, but techniques and success rates vary wildly. Ransomware With ransomware attacks, which use a crypto-locking malware that destroys systems and makes data inaccessible. that malware needs to be deployed on servers inside the organisation, from where they can wreak havoc. Initial Access Brokers often make the initial access, then sell that access to ransomware gangs. Ransomware DoS […]