Skip to main content
Commercial/Business Blogs

Cyber Insurance: What is it and Is it right for you?

By November 1, 2022No Comments

“In today’s fast-changing world, it’s not so much what you know anymore that counts, because often what you know is old.  It’s how fast you learn. That skill is priceless.”   – Robert Kiyosaki

“The world is changing quickly, and we must be ready to change with it or risk being left behind.”Najib Razak

I suspect that we all agree with how these two people have described our current world.  Changes happen daily now.  This is especially true in the world of computers and high tech in which we find ourselves.  Smart phones, iPads, Laptops, are now a part of our everyday lives.

I myself grew up in a time of rotary phones, telex machines, pagers, and an occasional computer.  Our lives are being broadcast on social media platforms and our bank accounts are all apps on our phones; every form of communication is on the internet.  This is amazing in so many ways and yet very scary too.

I haven’t personally experienced identity theft, ransomware, or any violation of personal privacy but that doesn’t mean that eventually I won’t.  It happens daily- every hour, minute and second cybercrimes are being committed.  This is how Cyber Security turned from an occasional endorsement on insurance policies to a critical and important risk management tool that should be considered and offered to ALL commercial customers big and small alike.  I hope you find the following information valuable and useful.

What is Ransomware?  

Ransomware is a malicious software created to deny access to a computer system until a ransom is paid.  Ransomware can be spread in a variety of ways:
1. a phishing email that appears as a legitimate invoice, image, or link
2. a visit to an infected website or
3. an ad containing malware that has been injected into a legitimate webpage.

When an unsuspecting victim opens an email or inadvertently falls into an online trap containing ransomware, the virus is silently installed on the victim’s computer.  In fact, requested ransom amounts rose nearly 200% from 2018 to 2019, according to The Crypsis Group.

Ransomware manifests in different ways:
1. Lock screen ransomware displays a window that prevents access to any part of the computer until a ransom is paid.
2. File-encrypting ransomware keeps the computer available but scrambles certain files and databases, then displays a pop-up screen with instructions on how to buy a private decryption key that will unlock the scrambled files.

Obviously, this is a problem for any business or individual who has been a target of this crime.  Businesses remain a primary target due to the susceptibility of employees- in fact, some studies suggest phishing emails are clicked eight to 20 percent of the time, depending on content.  To make matter worse, phishing grew near nearly 41% in 2018.

What to do?
Here are tips from the US Cybersecurity and Infrastructure Security Agency (CISA) to protect yourself and your business from these attacks:

Update software and operating systems with the lates patches.  Outdated applications and operating systems are the target of most attacks.
Never click on links or open attachments in unsolicited emails.
Back up data on a regular basis.  Keep it on a separate device and store it offline.
Restrict users’ permissions to install and run software applications and apply the principle of “least privilege” to all systems and services.  Restricting these privileges may prevent malware from running or limit its capability to spread throughout a network.
Configure firewalls to block access to known malicious IP addresses
Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users
Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email to prevent email spoofing
Audit your network for systems using Remote Desktop Protocol (RDP) for remote communication and disable the service if unneeded
Be sure to enable strong passwords along with multi-factor authentication for any RDP-enabled systems.

Even the most diligent company can fall prey to these attacks.  Consider purchasing Cyber Liability coverage to protect your business against the expenses associated without data breach and check out our interactive Cyber Coverage ideas (here).


Dan McLaughlin, Licensed Agent