Cyber Security Strategies Can Change After First Punch
In Boxing, as in business, there will always be winners and losers. In sporting events there are referees and rules that govern behaviour. In business, accountants and regulators guide us. However, there are no set rules when it comes to businesses impacted by cybercrime.
There are no referees to intervene or control the cyber aggressor.
How do you ensure your business client is a winner when faced with cyber crime?
To help our brokers and clients respond to taking a cyber punch and, more fittingly, learn how to duck them, this week we announced the appointment of Neal Jardine as Global Cyber Risk Intelligence and Claims Director. Neal joins us from Crawford Insurance Adjusters, where he was the Cyber Practice Leader for North America. He has managed hundreds of cyber claims for businesses around the world.
Neal and I share a view that businesses make cyber crime too easy in today’s highly connected world. “It is only a matter of time until a criminal will find a vulnerability in a business they can exploit”. His advice is that all businesses need the best cyber insurance coverage to respond when they get attacked and to obtain this, they must have strong cyber hygiene in place. BOXX can offer both, which is what drew him to work here. Neal is going to be running a series of workshop and webinars for our broker partners.
Here’s a sense of his key themes:
Hindsight Sucks. Be Prepared.
When firms are prepared they can limit the damage caused by an attack in both time and money. “The best defense is always a good offense,” recommends Neal. “To minimize the impact of an incident, businesses need to have a good plan with everyone trained on how to identify a potential cyber punch. The best plan includes,
-
Employee Education is vital. Tell them, test them, remind them, test again and train those that fail the tests. It’s almost impossible to over-communicate the risk and it’s critical that they pass the tests to validate their understanding of the severity of the potential damage to the business.
-
Having the basics in place is critical. This includes having a well thought out cyber response plan, effective monitoring of who is connecting to the network from both from inside and outside the business, and multi-factor authentication. A business has to be prepared to detect an attack before the criminal lands his first punch and takes them down.”
What to do if it your firm gets digitally knocked out?
Once you have been hit, your speed of response is vital. Neal has led hundreds of responses in his career. “If an incident occurs, the first step is to understand the scope of the situation,” explains Neal. “Mitigation efforts must begin immediately to isolate the affected environment and begin building a new clean environment to restore critical business systems.”
“Communication is critical. This is the time to control the narrative and bring in the right people with the right skills to protect the business’ reputation,” he advises.
In the end, Jardine reminds us that there are no set rules in cybercrime. Every business big or small, every person should be ready and prepared to ‘expect a cyber punch’. “It’s no longer realistic to expect that you won’t be hit.” It’s cool to have someone like Neal on the team that our brokers and clients go to and learn how to stay ahead of the game.
Blog written by Vishal Kundi,
CEO & Co-Found of BOXX Insurance Inc.
Related Posts
Sign up for the BOXX Insurance Newsletter
Get the latest updates about Cyber Insurance and Protection with our newsletter.