With the advance of digitization, not only in office work but increasingly in production processes, cyber risk is the main risk that companies have today. The frequency and scope of cyber-disasters may be greater than a third party claim or even fire.
How to increase cyber resilience?
The risk of attack is so high that, to provide coverage, insurance companies themselves require a minimum management of cyber risk by companies. Just as insurance companies ask for fire protection to cover fires, they require companies to protect themselves from cyber incidents to ensure that they are safe.
Prevention is safety
What measures can your company implement to protect against potential cyber attacks and ensure business continuity?
Here are some key strategies that can make the difference between peace of mind and vulnerability to digital threats.
- Multi-factor authentication (MFA) for system accesses (email, ERP, CRM, VPN connections or any cloud solution) in the cloud, especially from accounts with administrator permissions.
- Encrypted backup of all company systems and other offline backup, plus periodic testing of critical data backup recovery procedures.
- Employee training and awareness of cybersecurity.
- Users with administrator privileges must have two distinct profiles. In addition, the local administrator must be disabled on the workers’ computers.
- Minimize systems and programs without manufacturer support. It is common to find old computers with old software in the manufacturing processes. These computers, not having support from the manufacturer, are not updated with security patches every time a new vulnerability is discovered.
- Management and maintenance of security patches in all tools used by the company.
- Have a malicious traffic filtering tool.
- Endpoint protection with antivirus.
- In those industries with machines connected to the internet-either connected to the internal ERP for production orders to reach you, as connected to maintenance providers for easier tracking-, it must be ensured that the IT (office) and OT (factory) networks are separated and segmented.
- Cyber incident contingency plan.
The impact of cyber attacks on small and medium-sized enterprises
There is a false belief that only large companies should be protected. However, the Hiscox 2023 Cyber Readiness Report reveals that small businesses are most affected. In three years, the percentage of firms attacked with fewer than 10 employees increased by more than half to 36%.
On the other hand, it should be noted that the massive arrival of artificial intelligence facilitates the creation of e-mails that supplant the identity of managers, in addition to the advance of malicious software to get more easily deceive users.
The crucial role of cyber insurance in business protection
All the measures discussed in this article help to increase cyber resilience on the part of companies. But since eliminating the risk is impossible, and cybercriminals are constantly evolving (faster than security patches from software manufacturers), cyber insurance is as essential to a business as it is to cover civil liability and property damage.
The benefits of transferring risk to the insurance market through business cyber insurance are numerous, but we would highlight that of demonstrating to clients that the company they have chosen is careful with cyber protection.
