As organizations are becoming more aware of Cyber-attacks and Ransomware and are improving IT security tools they use; Ransomware and Cyber criminals are also evolving and are devising new ways to breach a company's systems.  In addition, expenses related to Cyber breaches/attacks are steadily increasing.  Ponemon's 2019 Cost of a Data Breach study noted that "breaches originating from a malicious Cyber-attack were not only the most common, but also the most expensive."

Below are several tips to help combat Ransomware and other Cyber threats:

1. Strong passwords aren't enough - companies should be implementing and enforcing two factor authentication to prevent unauthorized access using a company account, especially for users with elevated access rights. 
2. "Over the counter" anti-virus is a bit outdated - look into rolling out Endpoint Detection and Response (EDR) software.  It's smarter and responds fast to threats than your average anti-virus software. 
3. Implement Email Spam Filtering - a quality spam Filtering service will not catch all spam and phishing attempts but it will prevent most of them from reaching a user's inbox; therefore reducing the threat that a user errantly clicks on a malicious link For the ones that do get through, educate your staff on how to identify and deal with phishing attempts. 
4. Introduce multiple point of redundancy - in some cases your backup system may be compromised or unavailable.  Remember, cloud servers and backup systems can get hit with ransomware too. It's best to have a backup to your backup.
5. Patch servers and computers regularly and update firmware on hardware devices. 

Last but not least, make sure you have adequate Cyber insurance that covers ransomware events, extortion payments, legal and forensic fees and data recovery in additioon all of the other beneficial coverages that are provided by a Cyber Liability policy.  

Cyber risk and, particularly, the risk from ransomware appears on everyone’s top risks list these days, including ours. The threat from a ransomware attack has rapidly increased over the past nine months, as many organizations continue to “work from home” which can come with more relaxed cybersecurity practices. As we go further into 2021, cybercriminals will continue to become more sophisticated, forcing these organizations to waste resources reacting to a ransomware attack.

Despite being full of positive, useful and educational information, the internet is chock-full of potential dangers, and your children can unintentionally get into quite a few uncomfortable and, sometimes, dangerous situations. These risks are even more prevalent now, as many parents are working from home and children are attending classes remotely. As highlighted in our past blogs on this topic, if you have a standard Homeowners policy, you will likely have little protection from the legal liabilities that can result from inappropriate actions via the internet. So, what can you do?

As companies had to quickly pivot and implement a remote work plan (a lot of them did not have such a plan in place) due to the ongoing COVID-19 pandemic, they became more at risk for a cyber attack and/or breach due to the vulnerabilities they did not even know they had. As a result of this there has been an uptick in the success rate of cyber attacks in the United States.

Coalition Inc., a cyber insurance provider, recently released their H1 2020 Cyber Insurance Claims report that noted a decrease in the frequency of ransomware claims however, its policyholders have experienced a 100% increase in average demands from 2019 to the first quarter of 2020, then an increase of 47% from the first quarter to the second.¹

As a follow up to our previous article on the subject of Cyber Security During a Pandemic, we thought we’d share with you some of the topics used in phishing scams, so that you are better prepared, should you become the target of one.

Most companies have been forced to quickly implement a remote work solution that suited essential employees or even the entire firm’s staff. This has exposed many companies network to new risks as everyone has a different set up at home. Some are using MACs, some using PCs, some have outdated operating systems and software while others are already infected with viruses or malware. 

Given the widespread awareness of Cyber Risk and the increasing trend for companies to consider insurance around this exposure, a company’s preparedness for a Cyber risk related event should be a part of their risk management plan.  Unfortunately, for most organizations, this part of the plan has not been matured. That’s a mistake…

For the last several years Allianz has published a concise and informative report on the top risks that businesses face globally. It is a great opportunity to think about how these risks could affect your business operations and what the impact would be. When thinking about risk, it is important to think about "materiality" and what "financial impact" would be material for your company to cause a disruption. Even through many of the risks on this year’s report are readily insurable, the "disruption factor" of having to manage through a loss is worth considering.

When most businesses think cyber crime, they imagine brute force threats from foreign agents or highly advanced hacker teams. Executives tend to think that external forces well beyond their control make up the vast majority of security loopholes.

What does the new order do?

On May 11^th 2017, President Trump issued the new, signed cyber security executive order that demands each federal agency and department head will be held accountable for cyber security risk to their enterprises; an initiative to better protect the federal government's critical data and systems. It outlines the cyber-risk reporting requirements that they must adhere to and names the framework that they'll use as the standard.