The below article has been provided by our Insurance Partner, Towergate Insurance, which HCPA members get exclusive discounts for.
Cyber-criminal activity is varied, and can have a massive impact on your business, the individuals you support and their families. Last year, cyber protection specialists CFC Underwriters provided Towergate with some alarming stats regarding cyber-attacks*
- 70% of cyber-attacks affect businesses with under £50M turnover
- Over 75% of cyber claims occur because of some form of human/employee error (employees clicking malicious links, losing devices, or transferring funds)
- The estimated recovery time for a business which experiences a ransomware event is 2-3 months, without expert assistance
- Ransomware attacks accounted for 31% of CFC claims by frequency in the last 12 months, but these events accounted for 73% of what was paid out, making them disproportionately severe
- You are now 9 times more likely to be a victim of a cyber-attack than a fire
Cyber-attacks targeting technology
Because the use of technology in our everyday lives has increased, criminals can now access information and data like never before. It is important that you to take steps to protect your organisation from cyber-attacks and stay safe online. Some areas that we would recommend you consider are:
- Investing in antivirus software
- Always locking screens when away from your desk
- Two-factor identification systems
- Limit the sharing of information
- Use complex passwords; a phrase or statement is best
- Request password changes regularly
Warnings since the Ukrainian invasion
Since Russia invaded Ukraine in January, the National Cyber Security Centre have been sending out warnings to UK organisations regarding making sure that cyber and digital defences are in place and are reliable should any sudden cyber-attacks happen.
While the NCSC is not aware of any current specific threats to UK, it should be made clear that there is a pattern to cyber-attacks happening when there has been other historical crisis’ such as COVID-19 and this could just be the latest in a list of international consequences. Due to this, they are advising that UK organisations consider some key tips and guidelines that can reduce the risk of you becoming a victim. You can find these here https://www.ncsc.gov.uk/guidance/actions-to-take-when-the-cyber-threat-is-heightened but we are also sharing our top tips as an insurance broker.
Take action to protect your business
There are a few different things that you can do now, to try and mitigate or reduce this type of incident against you, which as an insurance broker, we would advise.
- Cookie practices – These should be reviewed around your consent mechanism for cookies and the details you provide about your policy for cookies. It is straightforward for consumers and the public to check your website and see if you are complying with regulators and with the law.
- Information security – Look to check polices and processes to detect and alert any personal data breaches.
- Check electronic marketing processes– Check these are up-to-date with current legislation and make it clear to consumers that there is an opt out of direct marketing communications. It is critical to make sure that if an opt out is selected, your systems ensure no direct marketing communication cases to such persons.
- Conduct a review of all external documentation – It is important to ensure such documents are up to date.
How at risk are you?
To find out your organisations level of cyber risk, complete this quick cyber risk assessment: https://towergateinsurancebrokerscyber.co.uk/towergate/test.php
As a Hertfordshire Care Providers Association member, you have access to a dedicated insurance specialist who is on hand to discuss the above or any other insurance and risk management related topics. To speak to Dan, please call 07834 755 337 or email dan.may@towergate.co.uk
HCPA’s data protection team are here to help
As a part of HCPA’s ongoing mission to improve the quality of care, we now provide fully-funded support over data protection, GDPR and legal compliance plus managing cyber-attack risks.
We do this by supporting care providers to become compliant / ensure legal compliance with data protection act and GDPR, using the Data Security and Protection Toolkit (DSPT).
Click here to find out more about HCPA’s data protection services