Cyber Attacks - A Growing Business Interruption Threat
Cyber Attacks Business Interruption - When you think about what usually causes a business interruption, natural disasters such as fires, earthquakes and floods probably come to mind first. These events can physically damage your property and equipment, making your workspace unusable for a time. The damages from Hurricane Katrina and Superstorm Sandy are prime examples of how a natural disaster can put a halt to a business' day-to-day operations. Many of the businesses affected by these storms remain closed to this day. While natural disasters are still the main reason for an interruption, another cause has made a quick move up the ranks: cyber attacks. As businesses continue to rely on computers and digital storage of essential data, cyber attacks will continue to be a potential exposure. Read on to learn how a cyber attack could lead to a business interruption and what you can do to mitigate the risk.
How can a cyber attack cause a business interruption?
Hackers, thieves and other unauthorized individuals have become adept at exploiting weaknesses in business computer systems, whether through traditional hacking methods or social engineering. There are several types of attacks that could completely cripple your ability to perform normal business activities, including:
- Malicious code that renders your website unusable
- Distributed denial of service (DDoS) attacks thatmake your website inaccessible to employees andcustomers alike
- Viruses, worms or other code that deletes criticalinformation on a business' hard drives and otherhardware
It is easy to see how any of these events might leave your company scrambling to do business. Unfortunately, many smaller businesses don'nt have the manpower available to detect the problem and work on fixing it, which only increases the length of an interruption.
Third-party interruptions can have a major effect on your business
You can still be affected even if it isn'nt your business that experiences a cyber attack. Imagine what would happen if one of your vendors suffered an attack, resulting in a complete shutdown of its warehouse or website. Unfortunately, attacks on third parties are often out of your control. Such an event could have a profound effect on how much business you are able to do, and that would trickle down to your customers, who may rely on your products or services.
Ways to prevent a cyber attack from causing a business interruption
A common saying in the cyber security world is, "It's not if you'll be a victim of a data breach, but when." While 100 per cent protection is impossible, you can help lower your chance of business interruption due to a cyber attack by following these tips:
- Create a formal, documented risk management
- plan that addresses the scope, roles,responsibilities, compliance criteria andmethodology for performing cyber riskassessments. This plan should include acharacterization of all systems used at theorganization based on their functions, the data theystore and process, and their importance to theorganization.
- Make sure all firewalls and routers are secure andkept up to date.
- Implement a cyber security policy that educatesemployees about the dangers of computer intrusionsand how to prevent them. KRGinsure canhelp you draft a cyber security policy specificallytailored to your company.
- Download and install software updates for youroperating systems and applications as they becomeavailable.
- Implement a strict password policy and haveemployees change system passwords every 90days.
- Limit employee access to company data andinformation, and limit authority to install software.
- Make sure you are covered by a cyber liabilityinsurance policy.
How can cyber liability coverage help?
Most traditional commercial general liability (CGL) policies will not cover business interruption losses due to a cyber event. Luckily, cyber liability coverage can fill that void. Should your business be unable to perform normal business operations, a cyber liability policy can help pay for expenses related to an interruption. The coverage pays for:
- Lost income due to the event;
- Profits that would have been earned had the eventnot occurred;
- Operating expenses, such as utilities, that must bepaid even though business has temporarily ceased;and
- Rented or leased equipment.
Cyber liability coverage also helps protect your business from the following events:
- Data breaches, including costs for customernotification, some legal costs and credit monitoringfor those affected
- Damages to third-party systems, if, for example, aninfected email from your servers crashes thesystem of a customer or vendor
- Data or code loss due to a natural disaster ormalicious activity. Physical destruction ofequipment is covered under a different policy
- Cyber extortion, including ransomware, which ismalicious code installed into a computer on yournetwork that prevents you from accessing it until aransom is paid
- Even though business interruptions due to cyber attacksare relatively uncommon, being unprepared for onecould prohibit you from doing business as usual.
Contact KRGinsure today to find out how we can help you avoid a Cyber Attacks Business Interruption.