Sunday 22 May 2022
Select a region
Business

Relying on cyber attack insurance could lead to loss

Relying on cyber attack insurance could lead to loss

Monday 26 March 2018

Relying on cyber attack insurance could lead to loss

Monday 26 March 2018


Channel Island organisations could be leaving themselves open to huge losses if they rely on insurance to cover damages from a major cyber-attack, Logicalis has warned.

The firm is warning organisations not to consider cyber insurance an alternative to good cyber security. The IT experts fear up to 80% of businesses would not be covered by their cyber insurance policies in the event of a cyber-attack because they are not following correct security protocols.

Ricky Magalhaes, Managed Security Services Director at Logicalis, said: “Many companies think cyber insurance is an alternative to good cyber security practices, however, if you don’t have correct controls in place, your insurance will not cover you.

“Up to 80% of companies with cyber insurance are not following basic cyber security procedures, which means if they suffer a loss, it will be hard for them to claim because they have been negligent.”

The Logicalis Security Operations Centre detected more than 124 cyber-attacks on Jersey companies during the first three months of 2018 – just a fraction of the real level likely to be happening.

Common attacks included hackers exploiting vulnerabilities in systems caused by organisations failing to install patches, or compromising systems because they were badly configured. Ransomware is a significant concern, and the number of Office 365 Break-ins, where someone reads and edits emails without you knowing, is growing. A small number of companies also suffered a DDoS (Distributed Denial of Service) attack, where their internet bandwidth was hijacked. Logicalis also detected a significant number of cases where hackers have used credentials they’ve bought from the dark web to log in to systems.

Mr Magalhaes said: “If you leave your house open and have a break in, an insurance policy is unlikely to pay out. You need to be able to prove you locked the door, and prove that you had a break in. With cyber insurance, knowing that your data is up on the dark web is not proof that someone stole it. You need be able to identify the security breach, and prove that you took all the necessary steps to prevent it. If you are not diligent an insurer will not pay out.”

According to Morgan Stanley, the cyber insurance market is expected to be worth $10 billion by 2020. However, organisations need to put the correct controls in place if cyber insurance is to have any value for them.

 

 

Sign up to newsletter

 

Comments

Once your comment has been submitted, it won’t appear immediately. There is no need to submit it more than once. Comments are published at the discretion of Bailiwick Publishing, and will include your username.

There are no comments for this article.

To place a comment please login

You have landed on the Bailiwick Express website, however it appears you are based in . Would you like to stay on the site, or visit the site?