Preparing for attack
OT poses a monthly scenario from a practitioner. This month, we look at cyber security with Lloyd & Whyte’s Will King
Anna, independent practice owner
“I’ve seen lots of press coverage about cyber-attacks and scams increasing since COVID-19 hit. As an independent practice owner, I’m worried about the impact this might have on my business. After the year we’ve had, the last thing we need is more disruption. Can you advise on how I can minimise the practice’s risk?”
Will King, commercial development manager at Lloyd & Whyte
Over the last year, over a third of small businesses suffered an average cost of £3650 from lost data or assets, and it costs the UK healthcare sector £5.2 million, almost double the global average.
As cyber-crime becomes more prevalent, it is also becoming more sophisticated. In this article, I aim to help optometry practice owners identify where they are most at risk and how to protect their businesses against and during an attack.
What are the risks to your business?
Leading insurer Beazley reports that the two most common forms of attack to deploy ransomware are phishing emails and breaching poorly secured remote desktop protocol (RDP).
RDP enables employees to access their work computer desktops or their company’s primary server from home with the press of a button, but the convenience also comes with added risks.
Additionally, social engineering is being deployed, whereby cyber criminals impersonate employees, creating seemingly legitimate communications. Actual invoices have details changed so that funds are diverted into the criminals’ bank accounts. In an industry that has a wide supply chain, security issues like this are a growing concern.
What can you do to mitigate risk?
Start with a risk assessment to identify areas and people most at risk. We have a cyber risk self-assessment form available on our website.
Issues raised by remote working can be mitigated by implementing strong security protocols, including encryption. Use a multi-factor authentication-enabled virtual private network and have a limited number of password attempts. Given that 80% of hacking breaches involve stolen passwords or credentials, correct password protocol is vital.
Passwords should contain at least eight characters and comprise a combination of numbers, symbols and upper and lowercase letters. They should not be shared or written down, or used across different platforms. And they need to be changed regularly.
Beware of phishing emails and keep up to date with the latest scams that exploit current trends. The overwhelming majority of breaches start with malicious emails or other social engineering where victims are tricked into revealing confidential information, usually because the email sounds both genuine and urgent. Risks can be reduced if employees are able to recognise scams, via ongoing security awareness training.
Back-ups and firewalls
Ensure that regular back-ups are completed, verified and stored safely offline. Allowing automatic updates on your firewall, anti-virus software and cloud storage system will greatly reduce the vulnerability in your system and, as a result, the chance of you suffering a breach.
Up to 80% of cyber-attacks can be prevented by undertaking Cyber Essentials – the Government-backed cyber security certification scheme that sets out a good baseline of cyber security suitable for all organisations in all sectors. The Government’s guidelines on managing your security can be found online.
What to look for in cyber insurance cover
Unfortunately, no matter how secure you believe your system to be, or how well trained your employees are, breaches can and will still occur, even in small businesses. Such incidents are unlikely to be covered by traditional insurance policies; therefore, it is important to ensure that you have the correct cyber cover in place. Cyber insurance can help protect your business against a range of cyber threats and exposures, including cybercrime, data breaches and system/business interruption.
Things to consider when deciding upon a policy include services such as:
- Access to a 24/7 incident response, so you can react quickly and efficiently to any breach
- Cover for any data protection breaches and reimbursement of any costs of notifying your clients
- Forensic experts provided to identify how the breach occurred and implement software fixes
- Overtime costs paid, so you can get your business back up and running again
- Coverage includes human error, which, according to a study by IBM, is the main cause (95%) of cyber security breaches.
Technical expertise and real-world claims handling experience can make the difference between suffering a catastrophic loss or getting back online quickly.
For more information, visit the Lloyd & Whyte website.
About the author
Will King is the commercial development manager at Lloyd & Whyte Ltd. He specialises in creating insurance programmes for AOP members to ensure the correct commercial insurances are in place.
Lloyd & Whyte Ltd is registered in England No. 03686765. Lloyd & Whyte (Financial Services) Ltd is registered in England No. 02092560. Registered Office: Affinity House, Bindon Road, Taunton, Somerset, TA2 6AA.