Good practice last year isn’t good enough anymore.
Even cyber-insurance providers are getting more selective before accepting cover, or worse, before paying claims.
With the number of claims skyrocketing insurers are increasingly asking, “What did you do to protect yourself from the obvious and known risk from cyberhackers?”
The levels of protection you put in place 1 or 2 years ago probably aren’t adequate for the threats today. They are evolving so rapidly.
So what can you do?
Hackers aren’t waiting for you to make a decision to put protections in place.
They are spending every waking moment trying to find new ways of stealing your data. They have set themselves up as businesses to do evil. They hire the best and brightest talent, and have the latest tech – simply because it’s worth it. Its organised crime and these guys are the mafia of the modern age.
We see continuous hacks on most of our clients. These are attempts to penetrate their firewalls, or guess their passwords on Office 365. We see fake webpages through phishing attempts, and we see techniques to harvest password reset questions by asking for favourite teachers, or first cars, or favourite band on platforms like FaceBook.
That’s why your cyber-insurance and business continuity insurance providers will be starting to ask more demanding questions when you renew your cover. They are well aware of the risk and they want to know that you have taken all reasonable steps.
You need to be able to reassure them that you have:
- deep endpoint protection
- a penetration and vulnerability assessment
- data governance that is fit for purpose
- awareness programmes for all users and verification
- dark web monitoring
- multi-factor authentication and complex passwords
and so much more – the very items we have included in our KARE for Security services.
The question for you, and your insurer, is what level of protection is appropriate for your organisation so your insurer will cover you if you need to claim? That is why we have two levels of cyber-protection, and, because this isn’t static, it is why we keep investing and researching additional tools to help defend you from harm.
The Hackers are turning up their attacks on you – are you turning up your defences to match?
One quote we saw recently that rang true was:
“A cybercriminal only has to be lucky once, while a defender has to be lucky every minute of every day.”
What’s your next step? We’ve created a simple 9-point checklist to help you navigate the cyber-risk landscape and find the right solution for you.
When “Legitimate” Tools Are Used Illegitimately (like booking a meeting time)
Cyber awareness isn’t just about blocking malware — it’s about recognising intent. Recently, we received a callout from a client after a user received what initially appeared to be a genuine business opportunity. The email exchange seemed credible, replies were...
Microsoft Copilot Is Moving From Chatting to Doing
If you’ve been following Microsoft Copilot for a while, you’ll have noticed something important happening. Copilot is no longer just about answering questions or drafting documents. Copilot is getting ready to do real work on your behalf. Two names you’ll hear...
The AI Agent Revolution: What OpenClaw and Paperclip Mean for Your Business
Two open-source AI tools are generating serious buzz in technology circles right now: OpenClaw and Paperclip. You may have seen the names appearing in your LinkedIn feed, or heard them mentioned at a recent industry event. If you're a business owner wondering whether...
Can you really run a business with only virtual staff?
Short answer: yes — in some cases. Longer answer: it depends on what kind of business you’re running, and what “staff” actually means in 2026. We’re seeing a growing wave of businesses experimenting with fully virtual teams — not just remote people, but AI agents...
Could you get into trouble with the law if you lose a USB stick?
A lost USB stick can be a notifiable privacy breach. Here’s why that matters It sounds old school, but USB sticks are still floating around plenty of NZ businesses. A recent draft decision note from the Office of the Privacy Commissioner is a timely reminder...
Copilot Upgrade: Is “Claude” coming to Copilot?
Copilot Upgrade: Welcoming the Sonnet Engine (Claude's engine)A Smarter, Faster Copilot Experience Microsoft has started to roll out the new Sonnet engine across Copilot! This will bring a noticeable improvement in speed, accuracy, and the quality of responses. For...
Additional M365 Security Protection Rolled Out for our KARE Foundation Customers
Turning up your cyber-security Kinetics is busy rolling out an additional security protection for Kinetics KARE Foundation customers only, designed to stop a highly active and sophisticated phishing campaign currently targeting Microsoft 365 environments worldwide. ...
Webinar Replay: What Recent Cyber-Breaches Teach Us About Protecting Your Business
Every cyber-breach tells a story, and the best way to protect your business is learning from others' experiences before they become your own. This isn't about fear—it's about learning. We'll translate real-world breach experiences into practical insights you can apply...
Microsoft Copilot in 2026: Why So Many Businesses Are Taking a Second Look
Think Copilot Was a Let‑Down? It’s Quietly Got Much Better in 2026 If you tried Microsoft Copilot early on and walked away a little underwhelmed, you’re not alone. We heard it a lot last year: “It’s interesting, but it’s not quite there yet.” The thing is that Copilot...
Your (Home/Small Business) Router Could Be Working for Criminals Right Now
Right now, somewhere in the world, a home or office router is quietly routing cybercriminal traffic, and its owner is completely unaware. That's the reality revealed by the discovery of KadNap, a sophisticated malware campaign that has become one of the most...