Good practice last year isn’t good enough anymore.
Even cyber-insurance providers are getting more selective before accepting cover, or worse, before paying claims.
With the number of claims skyrocketing insurers are increasingly asking, “What did you do to protect yourself from the obvious and known risk from cyberhackers?”
The levels of protection you put in place 1 or 2 years ago probably aren’t adequate for the threats today. They are evolving so rapidly.
So what can you do?
Hackers aren’t waiting for you to make a decision to put protections in place.
They are spending every waking moment trying to find new ways of stealing your data. They have set themselves up as businesses to do evil. They hire the best and brightest talent, and have the latest tech – simply because it’s worth it. Its organised crime and these guys are the mafia of the modern age.
We see continuous hacks on most of our clients. These are attempts to penetrate their firewalls, or guess their passwords on Office 365. We see fake webpages through phishing attempts, and we see techniques to harvest password reset questions by asking for favourite teachers, or first cars, or favourite band on platforms like FaceBook.
That’s why your cyber-insurance and business continuity insurance providers will be starting to ask more demanding questions when you renew your cover. They are well aware of the risk and they want to know that you have taken all reasonable steps.
You need to be able to reassure them that you have:
- deep endpoint protection
- a penetration and vulnerability assessment
- data governance that is fit for purpose
- awareness programmes for all users and verification
- dark web monitoring
- multi-factor authentication and complex passwords
and so much more – the very items we have included in our KARE for Security services.
The question for you, and your insurer, is what level of protection is appropriate for your organisation so your insurer will cover you if you need to claim? That is why we have two levels of cyber-protection, and, because this isn’t static, it is why we keep investing and researching additional tools to help defend you from harm.
The Hackers are turning up their attacks on you – are you turning up your defences to match?
One quote we saw recently that rang true was:
“A cybercriminal only has to be lucky once, while a defender has to be lucky every minute of every day.”
What’s your next step? We’ve created a simple 9-point checklist to help you navigate the cyber-risk landscape and find the right solution for you.
What’s worse than having to pay Ransomware?
The answer : Having to pay it twice - (or even more). Your Cyber-Security is under more pressure than ever. According to Infosecurity magazine, "double" extortion ransomware victims are up a massive 935% - thats a ten-fold increase year-on-year. This is driven by the...
“Phishmas” – its not that punny
Whatever it takes to draw your attention to Cyber Security is worth it. Just because we take time off at Christmas doesn't mean the hackers do. They have taken a lot of heart from the way we have all embraced home-delivery for our shopping and are doubling down with...
Is your Fingerprint effective security?
Straight out of the movies We are all used to the idea of using our fingerprints to log into our cell phones and, for some of us, our laptops. We’ve been told fingerprints are secure, and effective for ‘biometric authentication’ In the movies, we see finger prints...
Have you been vished?
What is vishing? Vishing is scamming via phone calls, effectively "phishing" by voice, hence the name, Voice phishing - Wikipedia Unfortunately, like many other cyber-attacks, incidents are on the rise. Because the damage is done over a phone call, they are even...
Beware – Social Engineering! The number one security threat to business is your people!
Every business collects data, from sales leads to financial transactions and everything in between. Increasingly data is the new ‘gold’. The problem is, unlike actual gold that you can put in a vault, data is weightless, and your staff need access to your data to get...
Dodging dodgy websites
Not too long ago, (some) businesses tried to limit websites that people could visit during working hours. They blocked social sites and Trademe and so forth. The logic was that people should be working, not surfing the net. Luckily this seems to have faded – staff are...
What will the Microsoft annual/monthly licensing changes mean for you?
A few weeks ago, we warned you about changes to Microsoft 365 pricing coming in at March 2022. We still don't know the exact prices. Microsoft have published some USD numbers and we have used those to base an estimate on, but we don't know for certain what the final...
Does the new Chinese PIPL law apply to you?
If you do business in China, you need to know about the “PIPL” It’s the Chinese equivalent of the GDPR from the EU – and your responsibility to protect the data privacy of the Chinese. The law came into being relatively quickly and has already taken effect as at...
Security Training and Awareness offer
We are deploying some new tools for our KARE for Security clients. For a limited time we can share these with all our clients to give you and your colleagues some great e-security awareness training. The holiday season is targeted by scammers, they know that employees...
Zero-Trust Networking for real business?
Zero-trust sounds extreme Humans like to trust. We trust everyday as we drive down the street that the people coming the other way will stay in their lane. We trust that the restaurants we visit prepare our food properly and hygienically. We trust that our doctor...