How prepared are you for a cyber attack?
"Cyber threats are very real and cyber crime is increasing, and will continue to do so as hackers continue to evolve," says Ryan Clark, National Manager Liability, NZI.
Attackers aren't picky, says Clark, they target small and large businesses alike. Statistics from Norton Antivirus state that almost one in five New Zealand SMEs have been targeted by a cyberattack with the average financial loss per attack at NZD $19,000*.
While the exact cost of a cybercrime incident varies wildly, from loss of productivity through to lost revenue and even business closures, what is certain is that cybercrime is everywhere, all the time. The nature of the internet means attackers are global: Africa, Eastern Europe, Russia, or right next door.
"Attackers are looking for cash returns, too," says Clark. "For example, ransomware can be used to target any business and the average ransom demand has skyrocketed, from US$294 in 2016 to US$1077;** there were 4000 ransomware attacks every day last year globally*** – and in New Zealand, we're seeing around 108 incidents daily."
It's hard facts like these which make the case for the protection that insurance provides, Clark notes. Companies which are affected by an attack could face disruption, costs to rectify breaches and, potentially, legal and reputation management expenses. It can, in other words, be expensive to set right.
"SMEs often don't have immediate access to the expertise required to deal with a cyber attack, which can add to the length and impact of the issue by trying to resolve it themselves," says Clark.
"That's why cyber insurance is crucial because it provides access to a panel of experts 24/7 to intervene as soon as the attack is detected and while it is happening – including IT forensics, legal and public relations."
Clark says the average total cost to a business of an attack would be in the vicinity of $50,000 to $100,000 (including loss of revenue, reputational damage and system/data recover). Adding that many businesses don't recover, "A statistic that came out of the US stated that 60 per cent of SME's in the US go under within 12 months of experiencing a cyber attack."
HOW CAN BUSINESSES PROTECT THEMSELVES?
Clark says that education is key. "A lot of cyber claims we are seeing have been caused by employee error – accidently clicking on links they shouldn't or transferring viruses via USB. Teach your staff how to recognise a phishing email, the importance of good data management and what's appropriate behaviour online."
He also advises businesses should have software and operating systems updated regularly, install firewalls, anti-spyware and antivirus across your network. Know the value of your data and back it up, have an incident response plan mapping your cyber risks, and, of course, have cyber insurance.
For more information on insuring your business visit www.nzicyber.co.nz or talk to your broker.
READ MORE: 88 per cent of business unprepared
*Source: Norton New Zealand SMB Cybersecurity Survey, 2016
**Symantec, Internet Security Threat Report, April 2017
***Deloitte, Ransomware Holding Your Data Hostage. Threat Study, Issue Date: August 12, 2016
- Sponsored content