Digital technologies are an essential part of business today. All businesses rely on information technology (IT) infrastructure to some degree in order to increase their efficiency and improve their productivity, which is precisely why cyber and data security breaches can be so damaging.
According to the Government’s Cyber Security Breaches Survey 2020, cyber security threats have not diminished; they have evolved and become more frequent. Almost half of businesses (46%) and a quarter of charities (26%) reported having cyber security breaches or attacks in the previous 12 months. The figure is higher among large businesses (75%), medium businesses (68%) and high-income charities (57%). Of the 46% of businesses that reported a cyber security breach, 32% experienced one at least once a week.
Among the 46% of businesses that identify breaches or attacks, one in five (19%) have experienced a material outcome, losing money or data. Two in five (39%) were negatively impacted, for example requiring new measures, having staff time diverted or causing wider business disruption. Similarly, among the 26% of charities reporting breaches or attacks, a quarter (25%) had material outcomes and over half (56%) were negatively impacted.
Where businesses faced breaches with material outcomes, the average (mean) cost of all the cyber security breaches these businesses have experienced in the past 12 months is estimated to be £3,230. For medium and large firms, this average cost is higher, at £5,220.
The most common type of cyber-attacks by far (experienced by 86% of businesses and 85% of charities who identified a breach or attack) are phishing attacks – staff receiving fraudulent emails or being directed to fraudulent websites.
The implications that exposure to these risks can cause are wide-reaching. Some of the main issues are business interruption, income loss, damage management and repair, and the possibility of reputational damage if IT equipment or systems fail or are interrupted.
Why it’s worth considering more specific, specialist insurance
Cyber is a very real, current threat to UK and Worldwide businesses. Existing insurance policies such as commercial combined, management liability or professional indemnity insurance may provide very limited elements of cover against cyber & data risks. But they are unlikely to be sufficient and businesses could find themselves exposed.
It is important that you understand whether you have cover, what it includes and how it would respond in the event of a cyberattack or incident. Some policies will help you to respond to an attack, with 24/7 helplines to give immediate, practical assistance to mitigate costs; others will help to restore equipment and software after an attack.
Clients should particularly consider purchasing cyber & data insurance if they:
- Hold sensitive customer details such as names and addresses or banking information
- Rely heavily on IT systems and websites to conduct their business
- Process payment card information as a matter of course.
Cyber and Data Insurance – what does it cover?
Cyber & Data insurance covers losses relating to damage to, or loss of information from, IT systems and networks. Policies generally include significant assistance with and management of the incident itself, which can be essential when faced with reputational damage or regulatory enforcement.
Cyber & Data risks fall into first party and third party liability.
First-party liability is the client’s own assets which
- Loss or damage to data or software programmes
- Business interruption from network downtime
- Cyber & Data extortion where a third party threatens to damage or release data if money is not paid to them
- Customer and/or Third Party notification expenses when there is a legal or regulatory requirement to notify them of a security or privacy breach
- Repairs or replacement following system damage
- Regulatory actions & investigations and court attendance costs. Potentially cover for fines, where legally deemed insurable
- Crisis communication costs
- Reputational damage arising from a breach of data that results in loss of intellectual property or customers
Third-party liability covers the assets of others, typically your customers which may include:
- Security/privacy breaches, investigation and defence costs together with civil damages associated with them
- Multi-media liability, to cover investigation, defence costs and civil damages arising from defamation, breach of privacy or negligence in publication in electronic or print media
- Loss of third party data, including payment of compensation to customers for denial of access and failure of software or systems
Cyber and Data – claims examples
The managing partner at a private medical practice switched on his PC on a Monday morning to be greeted with a message stating that all patient records held on their network had been encrypted and demanding a payment of £30,000 in bitcoin in exchange for the encryption key. He contacted an IT forensic specialist who confirmed the level of encryption, and confirmed that the only alternative to an encryption key would be wiping the ransomware from the network, risking the loss of all other critical data as part of the process. The last data backup was performed a week ago, meaning a significant amount of recent data was at risk, so they had no option but to pay the bitcoin ransom to protect their confidential data. They also engaged the forensic specialist to remove the remaining malware from their network at a cost of £10,000.
Denial of service attack
An international real estate client experienced a denial of service attack on their IT systems which was not only operationally damaging for the company, but also had the potential to severely impact upon its brand and market standing. The insurance policy not only covered the loss of income but also provided cover for PR expert support to mitigate any reputational damage.
An employee from a chain of opticians received an email to say that she had been caught speeding and clicked the button which offered to show a photograph of her being caught in the act. Shortly afterwards they received an email from someone in Russia to say that they had infected their systems with the Cryptolocker virus and that all files on its servers were encrypted. The encrypted files included patient records and software used to run the business. The Russians were asking for £400 in Bitcoins for the decryption key. The insurers approved payment of the ransom. Unfortunately this only recovered 90% of the files and they needed an IT contractor to help them recover the remainder. Their insurance policy covered this business interruption as well as the costs of being unable to trade for a couple of days and not being fully up-to-speed for a couple of weeks. Total cost was £60,000.
An unencrypted memory stick was lost. It had been provided to a potential buyer as part of the due diligence process during a corporate acquisition transaction when it was stolen along with the owner’s handbag from a public place. It contained personal and sensitive data of over 500 employees including home addresses and bank details. A fine was levied by the Information Commissioner’s Office (ICO) and significant costs were incurred. In this scenario, the insurance policy allowed the firm to engage expert data risks or protection lawyers, liaise with the ICO and inform affected employees.
Hackers gained access to a wholesaler’s email system and sent emails to all of their customers, purportedly from either the Chairman or Finance Director, saying that the company had changed its bank details. Considerable time was spent contacting over 200 customers to tell them to ignore the email as it was not true. Several had already changed their records.
An Engineering Client had a virus planted into their system and were unable to use their IT for 5 days whilst their IT support resolved the problem. Cost to rectify, £22,000 and all accounting, invoicing, stock control was affected, no payments could be made or received and it coincided with monthly payroll time which delayed paying the employees.
Client suffered an IT breach where 400,000 fake credit card statements were sent to their customers and other companies throughout the UK. The I.T. costs to rectify the damage plus estimated loss of revenue cost £24,000.
Assess your cyber security risk now
Quickly discover the level of protection you need by taking our simple three-minute cyber risk assessment test.
Specialist cyber crime and fraud insurance
With the Cyber Crime and Fraud Insurance that's right for your business, you can rest assured that your protection includes:
- Data recovery support in the event of a breach
- Extortion cover if a hacker tries to hold you to ransom
- Business interruption cover to keep you going after a cyber attack
- Payment of costs associated with regulatory investigations
- Cover for claims for damages against your business
Get a crime cyber and fraud insurance quote
For more information, to discuss your particular cyber and data security requirements or to get a quote, simply contact Towergate on:
About the author
Mark Brannon Cert CII is a respected industry leader with over 17 years’ industry experience in a variety of roles within the business insurance sector. He works across a wide spectrum of insurance product and policy development, delivery and optimisation for clients, including claims, insurer relationships, marketing and communications, and risk management.
The information contained in this bulletin is based on sources that we believe are reliable and should be understood as general risk management and insurance information only. It is not intended to be taken as advice with respect to any specific or individual situation and cannot be relied upon as such. If you wish to discuss your specific requirements, please do not hesitate to contact your usual Towergate Insurance Brokers adviser.