The first claim filed under a cyber insurance policy at Argo Pro involved a phishing email. An employee was suspicious and did the right thing in not opening an email attachment. But the IT employee who was asked to look into the situation opened the attachment anyway, triggering a $100,000 ransomware attack. Ransomware is a type of malware that prevents or limits users from accessing their computers unless a ransom is paid.
Since that incident four years ago, ransomware and other forms of cyber threats, such as data breaches involving stolen credit card information, have gotten significantly worse, not to mention more sophisticated and widespread. WannaCry is just one recent example.
Spam emails loaded with ransomware increased a whopping 6,000 percent in 2016 compared with the previous year, according to a study from IBM Security. U.S. data breaches also hit an all-time high in 2016, increasing 40 percent compared to 2015.
Assessing the risks
Do you know if you’ve done everything you could to safeguard against a cyberattack? At Argo Pro, for example, officials have been working with a third-party vendor to help develop tools to score a company’s cyber risk potential.
Here are three things you can proactively do on your own.
Secure your laptop
Losing your laptop or having it stolen can happen to anyone.
Just ask the U.S. Secret Service.
But at least there are ways to help stop a data breach from happening. Is the data protected with the latest encryption software? Does your company have a way of remotely wiping sensitive data to ensure it never leaks?
If unsure, check with your IT department.
Be on guard for spear phishing
If you got an email – even from a sender you recognize – tread carefully when it comes to opening that attachment. Even if it looks like your mom sent it.
Cyber criminals, spammers and even spies from other countries are engaging in a more targeted form of phishing called spear phishing. That’s where emails are designed to appear to come from someone you know and trust.
An incident involving Google Docs recently made headlines regarding a scheme where spammers dispatched malicious email that appeared to come from senders people knew.
One step to help prevent this from happening is enabling multifactor authentication, which is offered by Google and most other email, social media and banking services.
Other preventive measures include training your employees to be on the lookout for suspicious emails so they can alert your IT department. Phishing-simulator training tools that attempt to trick employees into clicking on the wrong kinds of email are also available.
Make sure you have a robust cyber insurance plan
Whether you currently have insurance that covers cyber attacks or you’re shopping around for a new plan, having a robust, comprehensive policy is critical to mitigating the financial burden related to a cyberattack. At Argo Pro, officials have spent the last few months rewriting its cyber policy form to ensure it meets those needs. (It also expressly states cyber liability in the other forms that have been updated.)
Our Cyber Tech PROtectSM form includes these important features, which should be part of your coverage as well.
- First-party coverages
- Forensics (costs related to investigating a data breach)
- Notifications and call centers
- Public relations
- Credit monitoring and ID restoration and monitoring
- Business interruption
- Payment card industry (PCI) assessment, fines and penalties
- Third-party coverage
- Reward expenses paid for information leading to an arrest and conviction of a hacker
- Option to handle notification expenses outside the limit for a specified number of affected individuals (by endorsement)
- Claims handled in-house, with additional support provided by an expert panel of cyber vendors
Although there are no guarantees you won’t be the victim of a cyberattack, these measures can help you and your company reduce the chance you’ll become a victim.
About Argo Pro
Argo Pro, a member of Argo Group, is a leading provider of professional lines insurance products and services that can accommodate medium and large organizations on an admitted and non-admitted basis. Through a single operating platform and a robust network of appointed wholesale and retail distribution partners, Argo Pro offers a broad, customizable portfolio of errors and omissions and management liability insurance solutions. Argo Pro maintains offices in Chicago, Jersey City, San Francisco, Scottsdale and Hamilton Township (New Jersey).