The digital technology sector is rapidly expanding in both Scotland and Ireland, bringing with it benefits but also some serious challenges – one of the biggest is the threat of cybercrime.

In this blog, Siobhan Fogarty, our very own Underwriting Manager at GS-Group and Causeway Committee member highlights what organisations should be considering when insuring against cyber-attacks.

The technology revolution, in which Scotland and Ireland have been forerunners, has irreversibly changed the way that businesses operate.

Scotland’s technology sector is booming and the number of digital jobs in the sector increasing, particularly around the hubs of Glasgow, Edinburgh and Dundee.  Scotland’s tech sector is particularly strong in software development, data science, digital health, sensors and connectivity. There are over 1500 tech companies in Scotland, with strong growth forecast in a sector currently worth £3.9 billion.

Meanwhile, on the other side of the Irish Sea, Ireland has become the global technology hub of choice for information and communications technology (ICT), with global leaders such as Intel, HP, IBM, Microsoft and Apple having long-established operations there. The industry employs over 37,000 people and generates £35 billion.

With this growth, technology has also fundamentally changed the nature of assets across all sectors. The shift from the physical to the digital means that some of our most valuable assets are now accessible to anyone in the world with an internet connection and are therefore vulnerable to cyber-crime.

We have all read in the news about major corporations falling victim to cyber-attacks, but what falls under the radar are examples closer to home – the small firm that transfers £100,000 to a fraudster as part of a social engineering scam, or the private hospital locked out of their computer systems for days because of a destructive malware attack.

Just because events like these aren’t reported in the mainstream media doesn’t mean they aren’t happening.

Cybercrime is one of the hottest topics in insurance, and with projections of further growth it is smaller businesses that are most at risk. Leading Cyber Insurer CFC’s data shows that 95% of funds-transfer fraud claims come from businesses with revenue under £100 million. Cybercriminals see smaller organisations as low hanging fruit because they often lack the resources necessary to invest in IT, security or provide cyber training for their staff.

The vast majority of cyber-attacks cause financial loss to the insured business including theft of funds, data or damage to digital assets. However, the costliest impact of a cyber-event is the fallout in responding to the incident.

Cyber insurance has emerged as a standalone product designed to fill the gaps that more traditional insurance products have been unable to fill.

When reviewing your policy you need to consider cover for the costs involved in responding to a cyber event in real time, including IT security and forensic specialist support, gaining legal advice in relation to breaches of data security, and the cost associated with having to notify any individuals that have had their data stolen. Without a doubt, one of the most important aspects of a cyber policy is that it provides access to the right specialists as well as paying for their services.

Ransomware is one of the fastest growing forms of cyber-crime in the world, with data from the CFC revealing that in 2016 ransomware accounted for a little over a tenth of cyber insurance claims by number – by 2017 that number had risen to nearly a quarter.

Simple steps to help protect your digital assets include:

• Set secure passwords and don’t share them with anyone. Avoid using common words, phrases, or personal information and update regularly.
• Keep your operating system, browser, anti-virus and other critical software up to date.
• Verify the authenticity of requests from companies or individuals by contacting them directly. If you are asked to provide personal information via email, you can independently contact the company directly to verify this request.
• Pay close attention to the URLs of websites you visit. Malicious websites sometimes use a variation in common spelling or a different domain (for example, .net instead of .com) to deceive unsuspecting computer users.
• For e-mail, turn off the option to automatically download attachments.
• Be suspicious of unknown links or requests sent through email or text message. Do not click on unknown links or answer strange questions sent to your mobile device, regardless of who the sender appears to be.

It is important that we are all diligent in keeping our assets safe and ensuring we have the appropriate cover in place so if we do happen to fall victim to a cyber-crime, it is possible to respond appropriately and effectively.

______________________________________________

As a member of Causeway, you can surround yourself with fellow business professionals and get the business support and advice you need to succeed. Become a member today or contact them for further information.