With so many businesses shifting rapidly into a new model where employees work from home (WFH), old risks are returning, and your company’s Cyber Security and Cyber Insurance may need to be revisited.
Cyber criminals’ attacks on individuals, small businesses, and corporations through ransomware attacks increased by 131% between 2018 and 2019. This increase in frequency was accompanied by an increase in the value of the ransoms demanded, some reaching the millions and tens of millions. As employees shift to WFH, companies are at a much higher risk of ransomware attacks through phishing emails and breaches to Remote Desktop Protocol (RDP) software that allows the employee to reach the company’s primary server network from home.
If your company has shifted to partial or primarily WFH, you can reduce the vulnerability of your IT structure. Katherine Keefe, global head of services for Beazley Breach Response, a global leader in IT security, suggests the following measures: “Always ensure employees can access their computer using a virtual private network with multifactor authentication. It is important to whitelist IP addresses that are allowed to connect via RDP, and make sure that unique credentials for remote access are in place – particularly for third parties.”
T Hudson offers Technology and Cybersecurity Insurance to mitigate the financial consequences of a multitude of cyber incidents, including data breaches, business interruption, and network damage. This coverage can be “first party” coverage that applies to you and your business’s damages or “third party” to cover the damages sustained by others sue to the breach to your Cybersecurity.
However, a good risk management strategy, beginning with the security measures suggested above, can help you avoid breaches in the first place. Train your employees about cyber threats and handling of Personally Identifiable Information (PII), and update that training regularly. One-fifth of all reported breaches in 2019 were “accidental exposure”— for example, an employee accidentally sending an email containing PII to the wrong recipient.
It is impossible to be perfectly cyber-secure; threats evolve at least as rapidly as patches and security tech. T Hudson Risk Advisors is here to help you avoid major issues with our Success University(R) employee training program and cover your liability with affordable Cybersecurity Insurance. Give us a call today to see how we can help you.