Cyber Liability - Are you protected for the 'just in case' scenario?

Every company that deals with the public has something that criminals want. It’s called data or personal information. Sold to the right people data can be very valuable. Alternatively, for certain individuals, the act of simply disrupting an organisation can be sufficient reward.

All firms should ensure that their IT is protected to make hacking as difficult as they can. Sadly, sophisticated hackers can get into even the most well protected systems. It is up to each firm to take the appropriate measures to ensure that risks are mitigated.

The common perception is that sophisticated systems and comprehensive cover will be prohibitively expensive. However, in the event of a cyber issue, the cost of recovering systems and data may be far more serious.

Should data be stolen/hacked then even the big corporates would have trouble rebuilding trust with the clients and the wider public, so what chance would a small/medium size insurance broker stand? A firm may well be held to blame for not protecting sensitive information.

Who is hacking your data?

This is a ‘how long is a bit string’ question. Some will be corporate hackers that are employed by criminal gangs, possibly in other countries and are in it purely for financial gain. Some however are perpetrated purely for kicks as a demonstration of their ‘skills’.

The result of a hack is very often the same; untold damage done to your client data files that will cost money to put right.

The National Crime Agency (NCA) has issued a report recently that shows that hackers are getting younger and younger. There are even tools available online to help you learn how to hack! At the heart of the NCA's report is a simple but worrying conclusion: the internet is creating a new kind of criminal - the cyber criminal. For more information you can view the NCA’s website here

What can you do?

As part of the RWA health check we ask several questions regarding the cyber insurance cover a broker has in place. 

I spoke to broker a few weeks ago who stated that the cost of cyber insurance was prohibitive at around £2000 pa. My response was along the lines of ‘what if you were hacked and had data stolen, how are your clients going to react?

I also asked how they would find the funds to a) effect possible repairs/upgrades to the system, and more importantly b) how would they protect themselves from possible litigation from disgruntled clients whose data has been compromised or stolen?

Remember that if a firm loses the client data they are held responsible regardless of how the data was lost. 

What happens when you are the victim?

In the last week (May 2017) I witnessed first-hand what happened when a small broker became the victim of a ‘ransom attack’.

  1. The company was virtually brought to a standstill as its server was locked out until some sort of payment is made. This didn’t include their trading platform, but as they store all their client files on a local server, and save only a limited amount of data within the trading platform, it was extremely disruptive.

  2. It was then discovered that their emails were also locked out, so no email communications were possible.

  3. This also meant that data that would not normally be stored, but was within the body of an email, was vulnerable.

Thankfully the firm had listened to warnings from RWA and security professionals, and took out cover with a mainstream insurer whose response was both helpful and incisive.

This cover included forensic examinations of the infected server to ascertain where the attack originated from, assistance in getting them back up and running, and more importantly, financial assistance in repairing the damage and protection should clients whose data was affected decide to start legal proceedings (remember the data belongs to the client not the firm). 

In addition to this there were back up systems in place that included full redundancy system and cloud back up. This allowed their IT people to download data that was at worst only 24 hours old from the cloud.

Just think how much this would cost without some form of cover in place!

Disaster Recovery Plan (DRP)

Cyber liability is here to stay, whether we like it or not. It doesn’t matter if the perpetrators are kids ‘having a bit of fun’ in their bedroom, a corporate attack from another company, or criminal gangs targeting you, the outcome is generally the same - the inability to function properly.

The end damage could potentially shut a firm down. The perpetrators are not very particular in their targets, we are all at risk whether we be an insurance broker, estate agent or the local GP surgery.

For this simple reason, ALL firms should include cyber liability within their DRP as a matter of. This should include a full rationale as to what the firm will do to attempt recovery in the event of an attack. 

Does your company’s disaster recovery plan include cyber liability insurance? If not then please contact your RWA Regional Business Manager in the usual way.

Peter Stokes
RWA Regional Business Manager

About the author

Peter has led a varied professional life in the financial services industry. Having started at the Co-Operative Insurance Society (Divisional Life Inspector), he moved to Lloyds Bank (Regional Induction Trainer) and The Finance Planning Group where he held the position of Business Standards Officer. Peter then spent 6 years as a Regulatory Consultant for Jelf before joining RWA, where he now looks after clients in London and the South. 

Peter Stokes

Get RWA Insight In Your Inbox

Regular business news and commentary delivered direct to your inbox each week. Sign up here