Author Archives: warwickadmin

7 steps to strengthening your Cyber Security

7 steps to strengthening your Cyber Security

With recent reports stating that cybercrime is now the most common offence in the UK, Cyber Security has never been more important, especially for Businesses. With cyber-attacks on the rise, all companies must take the necessary steps to protect any databases they maintain but most importantly the personal data of their customers and Employees.

We’ve put together a list of 7 steps you can take to help make your business less vulnerable to cyber criminals.

Strong Passwords

While you may have heard it a thousand times, it is still always the best place to start. Having a strong password and a strong password policy could really save you from an attack. Using a strong password is the easiest and cheapest way to give your cyber security a boost and using 8 characters or more, with a variety of upper- and lower-case characters and symbols can go a long way.

It’s also important to keep your passwords varied. Using the same password for multiple accounts could be massively damaging if one of your accounts were to be hacked it would leave all of your accounts vulnerable.

Purchase anti-virus software

If your computer catches a virus, it’s not as visually catastrophic as you may think, your system won’t immediately begin crashing and then fade to a black screen. The reason it’s so important to invest in software to protect your system from viruses and spyware is because there are a lot of tasks being carried out in the background and that’s where the anti-virus software comes in.
A good anti-virus software will keep your system safe from the threats on both the front end and in the background, while also notifying you of potentially harmful websites and links.

Stay up-to-date

Following on from the previous tip, in order to keep all of your operating systems, software and applications at their strongest, it’s important to keep them up-to-date. Cyber criminals are always looking for new ways to exploit your system, but at the same time, the developers of your system are constantly improving their security through updates and patches.

Ensuring that every system in your company is kept up-to-date on a regular basis could potentially save you from the latest method of attack.

Check all links

One of the most common methods cyber criminals use to access personal data is phishing. You may receive email messages that appear to be from trusted sources or well-known brands that ask for your information or require you to click a link to confirm some of your details, however, by clicking the link you could be directed to an unsafe web location and your data could be vulnerable to an attack.

An easy way to check most links is by hovering your mouse over the link itself and it should show the exact address you will be taken to. Some email addresses may appear legitimate, however, it may just be displaying a fake contact name such as ‘Windows Support’ that if clicked would reveal a ‘’ email address.

If you’re suspicious, take an extra second to check that the link is secure before clicking through to a dangerous website.

Be careful when logging in while you’re out

In today’s world, there are plenty of us working while on the go, but it is vital that you remain extra vigilant when away from the office. Finding and connecting to free Wi-Fi when you’re out and about can be a lifesaver, however, free and public Wi-Fi can also be vulnerable to online criminals if the network is not protected properly.

If you can avoid using public Wi-Fi, then it’s best to keep your companies’ data safe by not accessing the network at all. However, if you have to access the network, try using a ‘private browsing’ session so that your credentials won’t be stored locally.

Always log out

This rule applies at all times, but even more so when outside of the office. If you’re logged in to an account with sensitive information such as financial or personal data, ensure that you log out before closing your browser.

If another user were to use the same system after you close the browser, there is a good chance you will still be logged in to any accounts you have accessed during your previous session. It may seem tedious to go through all of your accounts and make sure you’re fully logged out, but it could save you in the long run.

Invest In Cyber Cover

Finally, to make sure your business is fully covered against the threat of cybercrime, take a look at the details of your current Business Insurance policy. Your current cover may not include Cyber Insurance as standard, leaving your business vulnerable if the worst were to happen.
Click here to learn more about Cyber Insurance and the cover we can offer.
For the full, original article please click here
Cyber is the biggest Insurance risk concern

Cyber is the biggest Insurance risk concern

Cyber risks are the top concern among businesses of all sizes.

Of the 1,200 business leaders who participated in an insurer-sponsored survey, 55% said they worry some or a great deal about cyber risks, ahead of medical cost inflation (54%), employee benefit costs (53%), the ability to attract and retain talent (46%) and legal liability (44%).

The Travelers Companies, which has been commissioning the 2019 Travellers Risk Index in 2014, said this is the first time in its survey’s history that cyber has been the top concern among businesses of all sizes.

As concerns about cyber threats have grown, a higher percentage of businesses reported taking proactive measures to safeguard against cyber risks; however, a sizable number have not implemented such preventive best practices. The steps taken by respondents include:

  • Purchasing a cyber Insurance policy (51% of survey participants, up from 39% last year).
  • Creating a business continuity plan in the event of a cyber attack (47%, up from 38%).
  • Taking a cyber risk assessment for themselves (49%, up from 45%) and their vendors (41%, up from 37%).
  • Updating computer passwords (74%, up from 71%).

Tim Francis, Enterprise Cyber Lead at Travelers, said that while more businesses are taking steps to prevent a cyber event, “it’s still alarming that nearly half don’t have the proper insurance coverage.”

Tim Francis, Enterprise Cyber Lead at Travelers, said that while more businesses are taking steps to prevent a cyber event, “it’s still alarming that nearly half don’t have the proper Insurance coverage.”

Given that a single Cyber attack can put a company out of business, Francis said “taking the threat seriously and implementing a risk management program that addresses possible exposures can help a company not only avoid an attack but also recover from one as quickly as possible.”

Since 2015, the percentage of small business respondents that have suffered a Cyber attack has tripled, from 4% to 12% this year. Increases are also being reported among medium-sized companies (10% in 2015 to 20% this year) and large businesses (from 19% to 33%).

“More companies are experiencing cyber attacks,” Francis said. “The cost of a single breach to a small business can easily reach a substantial amount of money on top of the time it takes to restore the business, so protecting a company’s assets with a Cyber Insurance policy is critical.”

For access to the full article by The Insurance Journal, please click here

5 Things to Know About Cyber Insurance

5 Things to Know About Cyber Insurance

More Businesses are recognizing the need for Cyber Insurance as part of an overall security strategy. Here are some key points to consider when Purchasing, and Relying on a Policy.

1. If Your Organization Doesn’t Already Have Cyber Insurance, It Will
Organizations are increasingly investing in Cyber Insurance simply because they have no choice. Clients are insisting their partners have insurance for compliance purposes and regulatory requirements. More and more, having cyber insurance is part of contractual requirements.

For smaller organizations that have not put a strong security program in place, cyber insurance is critical and makes financial sense.

Typical costs for cyber insurance are currently extremely reasonable. If you’re a CISO and you have a breach, what do you want to say?; ‘Whoops, sorry?’ Or, ‘We have a partner, let’s file a claim.’

2. Insurance Coverage Is Not a Substitution for a Security Program
Just like you wouldn’t drive recklessly in a car simply because you have auto insurance, Cyber Insurance should not serve as reasoning to tailor back on investing in security strategy and tools. Under no circumstances should a business purchase Cyber Insurance and assume it is covered without putting the time and investment into a solid security program.

While Cyber Insurance may reimburse costs, it cannot mitigate the reputational damage incurred by a breach or a security incident. Insurance will not reinstate trust from clients and customers post-breach.

3. Security Should Get Involved Early in the Insurance Process
While the conversation about insurance is often being led in other financial divisions of a company, such as at the CFO level, the security department should be involved at the outset to help evaluate policies and coverage levels.

Security staff or the CISO will understand the technical language and definitions in a way that others less tech-savvy and risk-informed cannot. Security is also more qualified to identify important exclusions that may be slipped into the policy and can advise accordingly. In order to ensure the policy has the right inclusions for your specific organization’s needs, security needs to be consulted on each step of the evaluation and purchasing process.

4. Ensure the Requirements of a Policy Are Fulfilled So Your Coverage Won’t Be Nullified
You’ve got a policy and now you’re covered, right? Think again. You are obligated to fulfil and have in place a number of requirements in order for that policy to cover you in the event of a breach or other security incident.

This brings us back to the importance of security’s involvement in the process and a thorough understanding of both the coverage and the policy details. What does your organization need to have in place that it may be overlooking? If the policy requires it, you will be out of luck on coverage in the event of a breach if you haven’t made the proper accommodations.

5. Some Elements of Your Incident Response Plan May Need to Change
Certain steps in an incident response plan may need to be tweaked once a Cyber Insurance policy is in place. This will include your breach reporting timeline because, as almost all policies have requirements about timely reporting.

Secondly, it is critical to develop your IT plan prior to having to use it – and test it out. While many organizations have an incident response plan in theory, a considerable number have not actually put it to the test. Are you sure yours is up to the challenge if a breach occurs?

For the full article by darkreading, please click here

Cyber Breaches result in Huge Regulatory Penalties

Cyber Breaches result in Huge Regulatory Penalties

Despite the constant reports of Cyber breaches, the risk seems to be generally accepted as part and parcel of using the internet and smart phones; in much the same way that motor accidents are an accepted price for the convenience of road transport. We just hope they don’t happen to us.

But perhaps that may change, particularly for companies and their insurers following the Information Commissioners Office (IFO) announcement that they intend to fine British Airways £183m, the largest fine so far under the new General Data Protection Regulations (GDPR).

This follows the much-publicised cyber incident last September when 500,000 customers had their data compromised. The ICO say the breach was down to poor security arrangements, although British Airways has issued a defence saying they faced a sophisticated, malicious criminal attack. It plans to defend the airline’s position ‘vigorously’, including making ‘any necessary appeals’.

Whatever the outcome, the message from the ICO was clear: “When you are entrusted with personal data you must look after it.” And they subsequently announced their intention to fine Marriott Hotel Group £99m. Marriott has also said it plans to appeal.

These draconian fines will be a warning to large companies, but may be a sign we are moving to a position of ‘strict liability’ where whatever security you put in place and however sophisticated the attack, you didn’t do enough. You would hope that smaller companies doing their best without large cyber security budgets will be given more leeway, but we will have to wait and see.

To access the full article by Worthing Herald, please click here

To discover the Commercial Insurance options available through Warwick Davis Insurance, please click here