The human element of cyber risk presents one of the biggest challenges in the security environment, one expert has said.
While many businesses will rightly focus on the digital elements of cyber security and attack prevention, such as ensuring server security or malware protection, staff training is just as important.
Phishing-type cyber attacks utilising ransomware are now commonplace and the impact they have on Australian businesses can be devastating. The person that receives an email or accepts an online scenario at face-value is often the weakest link in the security chain, said Mario Bekes, managing director of Insight Intelligence, and no IT system can protect a business from ignorance.
Bekes said that companies need to invest in their ‘human firewall’ to help protect against attacks which are becoming ever-more sophisticated in their use of social engineering.
“We have seen a growing awareness from firms of the need to look at their cyber security from a people perspective and not just an IT perspective. However, there is a long way to go for firms to act on this effectively,” Bekes told Insurance Business
For brokers, it is important that their clients remain informed about the changing threat landscape. Relevant, on-going staff training could be the difference between the prevention of a cyber attack or a small business being forced to pay a ransom for their data in the event of a breach.
Bekes said that all businesses should consider cyber cover and stressed that the industry has an important role to play in the cyber security market.
“I’m no insurance broker, but I think every business should consider cyber protection and what the consequences are if they get compromised,” he explained. “Insurance has a big role to play in this and insurers have the opportunity to play a leading role in helping to stop problems in the first place.”
It is often said that any business with an internet connection is at risk of cyber attacks and experts across both the cyber security and cyber insurance industry have said that ignorance is no longer a defence. This could have a lasting impact on the insurance landscape as it means that directors could be held responsible in the event of a data breach.
The rise of the Internet of Things (IoT) will see more threats created in 2017 and beyond. One recent attack, which shut down major international sites such as Netflix, Twitter and Paypal by utilising security cameras and other IoT devices, points to the future of cyber attacks around the world.
Bekes sees the development of IoT-based attacks as a key issue for the cyber industry over the coming year. By utilising smart devices, hackers will be able to attack more businesses with more frequency, highlighting the importance cyber cover will increasingly have.
‘Most disruptive’ cyber attack could change the industry
Cyber-risk costs companies more than $100billion annually - Geneva Association