Cybercrime. It’s known to be the biggest risk facing businesses today, yet less than five per cent of Australian business owners have the right systems in place to manage it.
Cyber criminals are becoming more sophisticated, adapting to the latest security measures almost as quickly as they are developed. As a result, risk management systems become outdated far quicker than many business owners realise.
Jessica Waldron, account executive at Allinsure, says what makes an attractive target has changed, too.
“Ninety-six per cent of cyber attacks target SMEs [small to medium enterprises], because cyber criminals look for vulnerability over value,” she says.
“Five years ago, cyber was all about ransomware. These days social engineering presents a bigger threat.
“Social engineers learn a business’s communication style and use it to convince clients that the usual bank details have been changed, so any subsequent payments are made into the wrong bank account.”
Jessica says the Canberran firm has seen claims for upwards of $440,000 stolen through social engineering.
“Allinsure has seen large companies have hundreds of invoices manipulated at once,” she says.
“For example, we worked with a manufacturing company that had clients receive updated invoices with a reminder to pay into new bank details just before the Christmas shutdown period.
“Social engineers knew the manufacturer would only have a skeleton crew operating over the break. They took advantage of a short lapse in security and stole hundreds of thousands of dollars.”
Allinsure managing director Peter Chamberlain stresses that it’s important businesses don’t fall into the trap of underestimating cyber criminals’ intelligence.
“It’s really important to realise that these people are very successful in defrauding a large number of clients,” he says.
“You can have the best security in the world, but it’s not going to stop them every time. It’s only one part of the solution for businesses.
“It’s vital to have tools in place that will reduce harm to your business in the event that a cyber attack is successful.”
One such tool is cyber insurance. But in a space that has changed so drastically over the last decade, choosing the right provider is essential.
A top-of-the-line cyber insurance provider will have its own dedicated cyber security and incident response team, as well as recent, industry-specific claims experience backed by accessible data.
“A cyber security plan should always prioritise the prevention of cyber attacks before they occur and include a quality cyber liability policy,” Peter says.
“The idea is to make your business a less attractive target by identifying and cutting off potential threats before they even come close.
“If an incident does occur, you should be able to rely on your provider to respond quickly and expertly, lessening the impact on your business, network and assets.”
If you’d like to know more about the best cyber insurance cover for your business, get in touch with the experienced team of insurance advisers at Allinsure.