Good practice last year isn’t good enough anymore.
Even cyber-insurance providers are getting more selective before accepting cover, or worse, before paying claims.
With the number of claims skyrocketing insurers are increasingly asking, “What did you do to protect yourself from the obvious and known risk from cyberhackers?”
The levels of protection you put in place 1 or 2 years ago probably aren’t adequate for the threats today. They are evolving so rapidly.
So what can you do?
Hackers aren’t waiting for you to make a decision to put protections in place.
They are spending every waking moment trying to find new ways of stealing your data. They have set themselves up as businesses to do evil. They hire the best and brightest talent, and have the latest tech – simply because it’s worth it. Its organised crime and these guys are the mafia of the modern age.
We see continuous hacks on most of our clients. These are attempts to penetrate their firewalls, or guess their passwords on Office 365. We see fake webpages through phishing attempts, and we see techniques to harvest password reset questions by asking for favourite teachers, or first cars, or favourite band on platforms like FaceBook.
That’s why your cyber-insurance and business continuity insurance providers will be starting to ask more demanding questions when you renew your cover. They are well aware of the risk and they want to know that you have taken all reasonable steps.
You need to be able to reassure them that you have:
- deep endpoint protection
- a penetration and vulnerability assessment
- data governance that is fit for purpose
- awareness programmes for all users and verification
- dark web monitoring
- multi-factor authentication and complex passwords
and so much more – the very items we have included in our KARE for Security services.
The question for you, and your insurer, is what level of protection is appropriate for your organisation so your insurer will cover you if you need to claim? That is why we have two levels of cyber-protection, and, because this isn’t static, it is why we keep investing and researching additional tools to help defend you from harm.
The Hackers are turning up their attacks on you – are you turning up your defences to match?
One quote we saw recently that rang true was:
“A cybercriminal only has to be lucky once, while a defender has to be lucky every minute of every day.”
What’s your next step? We’ve created a simple 9-point checklist to help you navigate the cyber-risk landscape and find the right solution for you.
10 IT Questions for Not-For-Profit Organisations
How does IT make your NFP more successful? Not -for-profits come in all shapes and sizes in New Zealand and many of us are involved in many of them - supporting our community in ways that resonate for us. Not for profits measure success differently to other...
Latest trend – hacking Teams
Over a quarter of a billion people use Teams every month. Under the current lockdown/isolate/work-from-home regimes, it is a vital tool for most of us. Many organisations including us even use it for our phones because it is so flexible and excellent value. You can...
Are you managing ALL your critical IT?
IT is critical to the operation of almost every organisation. If your IT is more than computers and mobiles then this webinar is for you. If IT is a critical asset to your organisation, then this webinar is for you. If what IT does matters more than what IT is, then...
Are your staff your firm’s biggest security risk?
Well meaning mistakes that could cost you Despite the best technology defenses (next-gen firewalls and antivirus, advanced threat protection, mail washing, web filtering, regular patching) infections and security events can still occur due to what is often the...
Is the organisation doing enough to get the cyber-security cost/risk balance right?
Is your organisation doing enough to get the cyber-security cost/risk balance right? Cyber-security protection can feel like an unending cost.No matter how much you do, there is always more that can be done, and no promises that any of the steps you take will...
Are your staff your biggest security risk?
Despite the best technology defenses (next-gen firewalls and antivirus, advanced threat protection, mail washing, web filtering, regular patching) infections and security events can still occur due to what is often the biggest risk – your staff. Social Engineering...
Do you have an appropriate Data Privacy Policy?
Data privacy is now a hot topic in NZ. This was driven by three main factors: 1. The GDPR (General Data Protection Regulation) which came into effect in Europe in May 2018. This introduced strict regulations on what private information is, how to get consent from...
Do you have the right relationship with your IT provider?
Do you have the right relationship with your IT provider? Regardless of whether your IT provider is your in-house IT team or a trusted business provider, do you have the right relationship with them? The right IT provider will ask "WHY" long before they ask "WHAT" and...
Three key questions to assess if your IT strategy is meeting your business needs
Three key questions to assess if your IT strategy is meeting your business needs There’s a saying that goes “A goal without a plan is a wish." With that in mind, do you have an IT Strategy? Is it aligned with your business plan? The reason this is important is that...
Who really controls your IT systems and your data?
Who really controls your IT systems and your data? You know who owns and leases your operational equipment, or your buildings, plant and other physical facilities. Can you say who controls your IT? How flexible is your IT supply chain to meet your ongoing needs. Given...