A significant rise in data breaches combined with a spate of recent high profile cases, has prompted the Cardiff based insurance broker, Creative Risk Solutions, to launch an initiative to increase awareness of the need for companies to cover their exposure to cyber liabilities.
According to the Information Commissioner’s Office (ICO), data breaches in the UK have increased tenfold in the past five years. Only last month, the Ministry of Justice was fined £140,000 by the ICO after sensitive personal information of more than 1,000 inmates at Cardiff Prison was accidentally emailed to three prisoners’ families. The ICO investigation highlighted the lack of management oversight, audit trails and security processes that allowed the unauthorised release of the data to happen and to remain undetected until it was reported by a member of one of the families. It also uncovered two other previous occasions where a data breach had occurred.
This incident highlighted not only the fact that any organisation that deals with electronic data is at risk of a cyber-breach or data leak, but also that it is not always due to deliberate external attacks. A joint study carried out in 2013 by US computer security specialist, Symantec, and the Ponemon Institute, into the global cost of data breaches, found that most data breaches in 2012 were caused by human error and system glitches.
Another high profile case, which was reported in the media in August was that of the upmarket estate agent, Foxtons, who suffered a possible data breach when hackers claimed to have posted online a list of 10,000 of the company’s customer e-mail addresses, usernames and passwords. With fines of up to £500,000 on companies that lose information due to negligence, the need to make sure that data is secure is now more important than ever.
However, it is not just large companies that should be concerned about their cyber security. Jan Wilkins, Managing Director of Creative Risk Solutions said: “75% of data breaches occur in organisations with less than 100 employees and most would not have the expertise to deal with a serious breach. Factors and costs they would need to consider would include sourcing specialist IT support, advising clients in the correct manner of the potential breach, managing the PR implications as well as appointing expert lawyers to defend any issues from regulatory bodies.”
Creative Risk Solutions has teamed up with global insurance giant, AIG, to launch an initiative to increase awareness amongst Welsh companies of the need to cover the risks associated with the increasing threat from cyber liability. Whilst the company has seen an increase in enquiries from its own clients, it has also identified the fact that the majority of SMEs are unaware of these risks and are consequently not insured. It will be working with AIG to offer its customers the new CyberEdge insurance policy, which has been specifically designed to cover the cyber risks that companies face.
Ms Wilkins adds, “There was a time when the risks to a business were easily defined, it used to be that you’d only need to invest in security and insurance for your physical assets, but nowadays you need to safeguard your virtual assets too.
“Cyber-attacks and data breaches are now serious and real issues that can not only affect your company financially, but also can damage your reputation and cause a loss of trust from your customers. Even the accidental loss of a USB stick or the opening of an innocent looking email can result in a cyber-breach. If your employees aren’t fully aware of the threats posed and there are no processes in place on how to prevent them, this means that you are constantly at risk.”
On Wednesday 20th November, Creative Risk Solutions will be holding a free breakfast Seminar at the Cardiff City Stadium. This will include a talk from Simon O’Gorman, an IT Security Expert for the international security and defence firm, Selex who will look at the growing threat of hacking and highlight just how easily your business could suffer a data breach. There will also be a talk by Rachael Shoer, Senior Development Underwriter at AIG, who will give an outline of the UK government’s cyber security initiative, the new European legislations coming into effect and how the CyberEdge insurance policy can cover the costs of a data breach.