There are still many misconceptions surrounding cybersecurity and the need for insurance. Often businesses think that they are:
Too small to be at risk (My business is too small for hackers to care about).
People often think that their business is too small to be at risk and that hackers only target larger businesses. This couldn’t be further from the truth. Hackers/cyber-criminals don’t discriminate on the size of your business; they tend to take a blanket approach to phishing and ransomware. They will use their hacking software in emails, texts etc. and send them in mass mailings hoping for a bite.
Even if your business doesn’t operate online, you can still be at risk if you have a computer, phone or email account, which most businesses will have in order to trade.
They think that having a strong password policy, with passwords changed regularly, makes them secure.
Having strong passwords and changing them regularly is all well and good, but it is just the same as having an alarm on your house. It may reduce the risk of a home being burgled but it can’t totally prevent it.
You also can’t legislate for people being tricked into giving out their password. People also tend to use the same password across multiple sites or, where passwords are constantly updated, save them somewhere or write them down. This can be the same as leaving your keys unattended and could hand the criminal the keys to your business and data.
You may also think that having your data encrypted is enough to protect your business, but this is in effect the same as having items locked in a safe. It acts as a deterrent, but the criminal can still get in if they really want to; it just takes them a little more time.
They think that by having anti-malware they will be protected
Don't think that because you have firewalls and antivirus software in place you are totally protected from an attack, because you are not. These steps will help protect you, but they won't totally nullify the risk of an attack.
I use my own device which is safe
Some people think that because they are the only person to use a device it can’t be compromised, but it can be, in the same way as any other device. It is open to being hacked by a phishing email or software, as the hackers send blanket emails containing links or viruses.
People often think that if they have an Apple Mac computer, they don’t need protection. Apple devices may have been less prone to attacks, as cyber-criminals tend to target the mass market, which in this case tends to be Windows machines, but that doesn’t make you immune from an attack. The odds are still the same; it is just that as more people use Windows, they will suffer more attacks, and you hear of fewer attacks on Apple as there are fewer users.
Our IT department has it covered (in-house or outsourced)
You need to consider what skill set you would need if you suffered an attack. Most in-house IT departments, and most IT companies that you outsource your IT support to, won’t have the skill set to deal with all the issues that could arise from an attack. You may need access to a forensic IT specialist or expert legal assistance to help you comply with GDPR. For example, you may need to inform all your customers as well as the ICO.
Under GDPR you can outsource the management of your data/IT system but you cannot outsource the responsibility; it will still fall back on your company.
There could also be a conflict of interest if the people investigating what has happened and the reasons for the attack are the same ones who were supposed to protect you from it in the first place. They may not intend to, but they may well cover up aspects of weakness: for example, that they failed to install an update or test it before putting it live, or that they clicked a link in an email (IT experts are not immune from hackers). They may also not be able to see where the attack has come from, as it may be a blind spot, whereas somebody independent coming in will take a fresh view and, if they are forensically trained, may be able to find where the vulnerability or attack came from.
You may also think that you are covered because all your data is in the cloud and backed up. But in most cases the companies that store your data in the cloud, or your IT support, will more than likely have an exclusion in your contract that means they are not responsible for your data if a cyber attack happens, and you will have no rights of recourse. They just need to inform you that there has been an issue.
Remember under GDPR you can outsource the function but not the responsibility.
Having your data backed up into the cloud or onto a manual drive (hard drive, tapes etc.) is good practice but won’t totally protect you. If, for example, you back up your data every hour, is it saving over the previous version or are you backing up multiple copies?
You also need to be wary of backing up to the same device each time, because if you back up a corrupt file, or back up with a virus in tow, then you could be corrupting all your data. It would be better to have a layered approach to backup where possible.
Backups are normally good for getting you back up and running after an event, and a cloud-based backup normally makes this process simpler, as you can start again anywhere else with the correct logins via new computers if the previous ones have been compromised.
Finally, any compensation cover from your IT support/cloud provider will be seriously limited, if available, as they will have clauses to exclude cover or limit their own exposure.