The COVID-19 pandemic created unprecedented situations in businesses and organizations globally, making teleworking a must. Many companies had to adapt their workflows, technology, and the services they offered overnight. However, this was done without prior preparation, resulting in specific risks.
A shocking example, the meetings and councils of European leaders during the pandemic are done online. Even the European digital Summit chaired by President Charles Michel, held where EU leaders saw each other through small screens. This situation raises questions about cybersecurity and data breaches. “One serious problem for all multilateral organizations, such as the UN and the EU, is that their security is in danger by many different factors involved, some of which may not always be well-motivated or by avoiding many necessary security precautions. If there is non-public information, then some people will chase it,” said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies (CSIS) in Washington. Official networks are supposed to be secure. But once someone connects with a laptop on the network, the connection suddenly has a weak point. However, in general, video conferencing is a challenge for hackers to test their skills. “We discovered that many of these technologies are not yet ready, at least the way people implement them for a leading role, so this is a good lesson for people to not only think about the software they will develop, but also its security. It is a good test. Fortunately, there is no real damage as a result so far”, adds the expert.
Whether the public sector and businesses will take security lessons or not from the coronavirus crisis remains to be seen. Experts believe that solid protection in cyberspace will occur, only with new costly investments in cybersecurity.
“Information is the new gold for companies. Spying on corporate data is the main target of malicious users of what we call hackers, attacking for profit. The main dangers for corporate data are their interception, their alteration, or simply their destruction”. George Balafoutis, a Cybersecurity systems designer at Microsoft, explained via Euronews.
When people use a personal computer for work, they must follow specific steps meticulously. “It is important that all the applications used are up to date with the latest security updates, and that the antivirus used is approved and constantly updated by the IT department of their companies”, advises Mr. Balafoutis.
Many argue that the changes brought by Covid-19 are here to stay, and this applies to teleworking as well. “The working model definitely will change”. The current epidemic will end at some point, but companies now consider such black swan events seriously. They are so unexpected that no one thought they were scenarios. “Companies will be much more flexible so that their employees can work from the office or home safely.” Mr. Balafoutis explains that “it is essential when the pandemic crisis is over, the companies must not lower the defenses of their IT departments.
Despite all the above, if a company is a victim of an attack, how will it manage to get out of the vicious circle of threats, blackmail, lawsuits, etc.? The exposure of company and customer data in the eyes of third parties can have catastrophic consequences. From the demand for ransom to the large amount of money required for damages. Most companies in our country do not have the financial strength to cover the damages that can occur and as a result, many will lead to closure. Insurance companies recognized that serious problem, so they prepared comprehensive Cyber Insurance business packages designed to protect and cover these businesses specifically to stay alive. Cyber Insurance covers the financial impact to the company after the attack and provides access to teams of experts well experienced in this kind of situation. Access to expert teams can help minimize the financial and reputation damage that can occur in the short term.
“The main risks to corporate data are their interception, alteration, or simply destruction.”
George Balafoutis Cybersecurity Systems Designer at Microsoft
Cyber Insurance
The danger in front of the Gates!
Electronic and cyber threats are a daily reality in a world of information and information systems. These risks are constantly evolving and becoming more complex. In the past, organizations used to invest in securing their physical assets, now the interest must be focused on data protection. The data of our company is our property.
What threatens a business on a cyber-attack?
A company deals with the loss or leakage of digital data from its system. This leak could lead to the theft of personal information, breach of customer information, or full-scale attack via the Internet for access to sensitive or important data, either by third parties or by its employees. The IT department must deal with these problems while still managing the usual businesses issues. Is it data leakage or loss or a malicious attack by a hacker? How was the data lost or leaked? Is the IT department experienced in security breaches and large-scale hacker attacks? Can they suppress the leak? Will the server need to be shut down or its software replaced? Is there an emergency plan and a way to implement it?
Leak news is spreading fast, especially in the age of social media. These incidents can jeopardize the reputation of a company. In these cases, careful management and dealing with the media, customers, staff, and stakeholders is a must. Do customers need to be informed about the leakage or loss of their data? Who else should be informed? What is the best way to do this? Immediate and carefully controlled action in public relations is required to regain trust and protect the business’s reputation.
The economic consequences are beginning to accumulate. Will legal proceedings be instituted by persons who believe that their data leaked? Third parties who have had to compensate their customers for data leakage from one company may claim compensation. These are in addition to the costs of identifying the source of the loss or breach, reconfiguring networks, restoring security, and restoring data and systems. And if the business is out of business, there can be a loss of profits.
An electronic data crisis can easily affect the stock price of a company, as well as the reputation of the executive directors in personal.
Facts
- In a European survey among companies in all industries, 40% of entrepreneurs answered that the risk of cyber-attack scares them when asked: “what are the most important risks in your business”,
- Every 39 seconds a cyber-attack occurs.
- 300% increase in cases after the pandemic.
- $ 50.000 is the average cost of a data breach in a small business.
- $ 25 billion by 2024 will be the annual loss from online payment fraud in the e-commerce industry.
- Every day in Cyprus, cyber-attacks are carried out on companies with significant costs for them
In the event of a cyber-attack, every business faces the following
- Blocked systems by hackers.
- The business cannot operate.
- Personal Data is at risk of leakage.
- Risk of fines, bad reputation, and loss of income.
- Blackmail by hackers, with the threat of the above happening and a ransom demand.
- Inability to react due to lack of knowledge, experience, and money.
- Payment of ransom to avoid the above effects.
In case of a cyber-attack many businesses
- Do not know how to react
- Delay in reacting by increasing their costs
- Legal services are needed to avoid or manage potential lawsuits
- Require services from the network and computer security experts to manage the breach
- It is necessary to inform the affected persons about their leaked data and the authorities
- Need to pay ransom to release their data
- Need to retrieve their data and system functionality to get them up and running
- The operation of the business is stopped until the problem is solved
- Legal support is needed in the possible initiation of a Regulatory Authority process
ALL THE ABOVE ARE SIGNIFICANT COSTS FOR A BUSINESS
Why a business becomes the target of a cyber-attack by hackers:
- Because its data is stored electronically (customers, suppliers, employees, etc.)
- Because its operation depends on fast electronic data management
- Because the risk of paying significant fines and compensation in the event of a leak is high
- Because no protection system is 100% effective
- Because the activities (sales, receipts, communications, etc.) are done electronically
Every entrepreneur sees the danger but has no way of transporting it elsewhere to protect themselves. The company and the management have great insecurity and fear if something like this happens in their business by watching more companies’ falling victims of cyber-attacks. They are not sure what to do, who to call and who can be by their side. They feel that they will not be able to protect their businesses. They cannot manage the crisis that will surely be created by the complaints of customers, partners, and the spread of news to the public and various other stakeholders of the company. The police cannot support them because it hardly ends up somewhere and if it does it will be already too late most of the time without being able to recover their data and the damage they will suffer.
This is where the role of Insurance comes in
- To make the customer feel that he is not alone
- Provision of System Consulting Services
- next to the customer at the time of the Violation to provide support for restoration and reduction of the damage and for the financial damage that may occur as a result.
Our company offers Cyber Insurance underwritten by top Insurance Companies with substantial financial capacity, which can stand successfully next to each hacked company. You will find more information here https://insurancelinkcyprus.com/cyber-insurance-link-cyprus/
We will be happy to answer any questions you may have, to meet with you to discuss your Cyber Insurance needs and to give you our Cyber Insurance quotation. You can contact us at 700 8888 3 or by email at info@insurancelinkcyprus.com.