For many businesses, the last few weeks have meant more of us working from home. We often hear stories of corporate hacking or phishing scams hitting thousands of people around the world. So what can we all do to protect ourselves?
Perhaps surprisingly, what we're worried about is actually quite a short list of things that are reasonably easy to guard against - things like:
- Ransomware. They encrypt your files and you need to pay them to get your files back. Typically installed inadvertently by clicking on email attachments or links.
- Malware. Often it just tries to install other software, or advertises at you. It can be installed inadvertently alongside other applications, or by clicking links, or visiting infected websites.
- Spyware. Similar to malware, but designed to sit quietly and spy on your activities, be that for advertising, or perhaps to try steal your credentials for certain sites.
- Computer viruses. A wide range of these are out there. They can do anything from using your PC as a spam email host, or blocking certain applications, or record keystrokes and steal info from you, or can even hijack your PC and use it in another attack, like a denial of service attack.
There are many other 'types' of viruses out there that can affect us - this list covers the main things we need to be careful about. But just how do these things get into people's systems and computers? There are a few ways they go about it:
- Phishing. Someone sends you a legitimate looking email and asks you to open a word doc, or click on a link, that then activates the virus on your computer. This is one of the most common methods out there.
- Infected websites. If you go to a website that has been infected, and interact with it somehow, perhaps by completing a form and hitting submit, that website can try download and install its malicious software on your computer.
- Fake antivirus alerts. This can get a lot of people, but an application or website might suddenly throw up a fake warning sign saying that a computer has been infected and that the user can click a link to resolve. Ironically, this then installs the malicious software.
- Basically, any situation where you try install something, or click a link or attachment that you think you need, creates an opportunity to download and install malicious software.
It's not hard to put a few simple things in place to protect yourself and stay ahead of the pack:
- Patch. Everything - always. Make sure your operating system and anti-virus software? are always up to date. There are many security patches applied to these systems that can prevent attacks on your PC. Don't leave this sort of thing to chance.
- Try to be on the most up to date platform. This isn't always easy to do, but the recent ransomware attack didn't affect any people on Windows 10, for example. People with out of date operating systems were the ones that got hit. Always opt for the most up to date version.
- Get a good anti-virus package. One that includes protection against malware and spyware, for example. A lot of anti-virus companies are also providing add-ins to protect against ransomware now - this is worthwhile.
- Back everything up - properly. If you think that having an external USB drive attached to your computer counts as a backup, think again. The cloud was practically invented for backing things up, so use it. There are so many backup facilities online now it's hard to even start listing them - pick something reputable and use it across all your devices. If the worst does happen to you, it should be as easy as a few clicks to restore your data.
- Be wary of clicking things you shouldn't. As a general rule of thumb:
- If you weren't expecting an email, don't open any attachments or click any links in there.
- Never ever open zip files or applications unless you explicitly trust the source.
- Avoid opening Word or Excel documents unless you trust the source.
- Hover your mouse over links in emails and you can preview the url you are being sent to - if it isn't what you expect, don't click it.
- If you are in any doubt at all about the authenticity of an email, call the company and ask them.
- Don't install software you don't need - that little gif-making application might seem harmless, but you never know…
- Never click links to access key services like banking. Instead, go and log into your banking via your own app or browser and check for any messages in there.
So that's an overview and top tips for staying safe in this turbulent time – and any time. Better to spend a small amount of time on some of this now than having to spend a lot of time later cleaning up the mess.
For a confidential conversation about your insurance program, contact one of our members today.
General Advice Warning
The information provided is to be regarded as general advice. Whilst we may have collected risk information, your personal objectives, needs or financial situations were not taken into account when preparing this information. We recommend that you consider the suitability of this general advice, in respect of your objectives, financial situation and needs before acting on it. You should obtain and consider the relevant product disclosure statement before making any decision to purchase this financial product.
What is it?
Technology has never been so deeply entwined in our businesses. While it delivers significant efficiencies and convenience, it also comes with significant cyber risks. Many business owners don’t fully understand how their business could be attacked. While others think they don’t have a cyber exposure at all, due to their industry or size. The reality is anybody who collects data or uses a computer with the internet is at risk. Something as simple as an employee clicking on the wrong link, sending an email to the wrong person or using a corrupted website could leave your entire system exposed. Cyber Insurance is one of your best forms of defence.
What it covers?
There are many types of Cyber Insurance now available. Some of the key inclusions to look for are listed below.
First Party Loss
- Incident response costs
- Business income loss
- Data restoration
- Breach response costs
- Notification costs
- Legal defence costs
- Cyber extortion
- Regulatory fines and penalties
- Payment Card Industry (PCI) fines, penalties and assessments
- Cyber reputational harm
Third Party Loss
- Security and Privacy Liability
What can you do right now?
To fully protect yourself and your business, the first steps are to focus on risk management and awareness within your organisation. Simple things such as developing a strong password policy, conducting regular training about cybersecurity, updating IT equipment and security software and creating an incident response plan are essential. The other critical step is to take out an appropriate level of cyber risk insurance. Speak to your local Insurance Advisernet Broker today about tailoring a Cyber Insurance solution for your business.