Practice what you preach
While selling cyber risk to your business clients, you may be missing your most important client - your own brokerage.
Video transcript below:
Reporter: You want your business to be more transparent, more accessible to the client through your online presence, but you also want to maintain your client’s privacy and protect their information. Creating an online strategy to mitigate cyber risk is the Big Picture.
While selling cyber risk insurance to your business clients you may be missing the most important client of all, your own brokerage.
Pete Nickel, Insurance Business
Pete Nickel: I think in a lot of companies, a lot of, a lot of the focus tends to be on those external vulnerabilities and threats. So we hear a lot about China and Russia and the different hackers that are coming from there and they’ve got different approaches. They’ve got those sniper approaches.
We know we want to go after the banks, we know we want to go after the big retailers and we’ve seen some of that in recent news, but predominantly what we are seeing is what is known as a shock and approach and really what they are doing is just trying to cast as big of a net out there, almost like sea fishing and see what they can bring up and bring in and sell.
And that I think is the forefront of what most people are considering, but the biggest threat really comes from an internal perspective and through malicious or negligent and ignorant employee behaviour. It can be going to websites they probably shouldn’t or sending emails they probably shouldn’t or losing their flash disks and hard drives and their smart phones and opening up the vulnerabilities that way. Password protection tends to be an issue. All these things need to be considered.
Again in the way you build right IT practices or the way you build the website and the coding that you use on the backend utilising the newest types of wording out there, [IPv sets] and things like that, but also in the practices that you allow your employees to do.
And what are you going to allow them to put on their smartphone and how much access to the network are you going to provide them in, from a mobile estate. So you are seeing it internally and externally and in most cases it’s going to be negligent behaviour. Rarely are you going to see anybody be malicious, but there are certainly enough cases out there that you have to be concerned about that.