Following the recent cyber attack, which wreaked havoc on the NHS on Friday afternoon, Rossborough Insurance is reminding island businesses to review their breach response plans and to encourage those who do not have these, to put them in place as quickly as possible.
‘Cyber attacks can take many forms and be launched against businesses of any size, in any sector,’ said Lee Refault, director, Rossborough Insurance. ‘Using up to date software, installing security patches and firewalls anti-virus software, regularly backing up systems and, crucially, ensuring staff are well trained are all important precautions that help prevent or mitigate the risk.’
However, Rossborough is warning businesses not to rely solely on IT security. ‘Every business should also have a tested breach response plan in place for cyber crime and data breaches. An insurer can also provide expert advice on these plans, so having a good cyber insurance policy in place can assist greatly,’ added Mr Refault.
‘Recent studies show an attack on your computer systems or a breach of your cloud data is a strong possibility for many businesses. The UK Government 2017 IS Breach Survey found that 46% of all businesses surveyed had a security breach in the previous 12 months, and although 67% of firms have spent money on their cyber security, only 20% have had staff attend any form of cyber security training in the previous 12 months. Only 11% of firms have a cyber security incident plan in place,’ said Mr Refault.
Protection is available however; the UK cyber insurance market is developing in accordance to the level of risk – from the early days of a handful of Technology Professional Indemnity insurers writing cyber, There are now more than 30 cyber insurers in the London market, with capacity now available for £100m limits.
‘Rossborough works closely with our parent, Arthur J. Gallagher, which has been an active participant in the UK and US cyber market for many years and brings with is a wealth of knowledge and expertise,’ said Mr Refault. ‘As well as providing monetary support, cyber insurance policies also provide practical legal and IT forensic support. Dealing with events of this nature is outside of the everyday experience of most IT departments and expert advice can be invaluable to assess the scale of the problem and also help prevent further attacks. Some businesses may be tempted to pay the relatively small ransom but care must always be taken here and the legal support provided can assist businesses in making decisions about how to proceed.’
Within hours on Friday afternoon, the WannaCry ransomware virus spread rapidly to infect 200,000 businesses in 150 countries, affecting real people who are patients of the 48 affected health trusts.