587-597-5478 heather@thinkinsure.ca
Cyber Insurance Protection Overview

Cyber Insurance Protection Overview

Many insurance companies are including limited cyber coverage in some commercial package policies on the market today.   You need to be aware that this coverage is not intended to provide the higher levels of protection required to cover the varied cyber incidents occurring these days.

Just as you secure your premises to attempt to avoid having a loss, it’s just important to secure your IT systems.  In the event you do suffer a cyber-attack, having a solid cyber insurance policy can provide coverage for both first party and third-party losses.

 

First Party losses are costs that must be born by you, the insured.  This can include:

  • Breach Costs
  • Data Damage
  • Network Failure and resultant Business Interruption
  • Outside provider/cloud service provider failure
  • Cyber extortion and ransomware
  • Customer attrition
  • e-Theft

 

Third Party losses are those costs that you will be liable for as a result of the cyber breach:

  • (Network) Privacy and confidentiality liability
  • Privacy and network security liability
  • Multimedia Liability
  • Technology Errors &Omissions
  • Payment Card Industry Data Security Standard losses (PCI DSS

Additional costs for such expenses incurred in crisis management, fraud response, public relations and forensic and legal may also be included in the protection depending on the insurance product purchased.

 

Premiums will be determined based on a number of factors including:

  • Type and amounts of coverage required
  • Industry and business type
  • Size of the business
  • Type of data stored on the network
  • Risk mitigation and security measures taken by your company
  • History of cyber-attacks
  • Privacy policies

An insured loss whether it be to your physical property, a third-party liability claim or a malicious cyber event can put you out of business.

For more information about commercial insurance in Sherwood Park, feel free to contact Heather Cournoyer at heather@thinkinsure.ca or 587-597-5478.  My business is protecting yours!

Cyber Crime – How To Protect Yourself?

Cyber Crime – How To Protect Yourself?

Hi again, it’s Heather Cournoyer – your commercial insurance advisor. Last week I shared some information about some of threats posed from cyber criminals.  You now have a basic understanding of some of the method’s cyber criminals use.  This week we’ll talk about some of the best practices and how you can protect yourself.

Remember many of the breaches and hacks are caused by simple human error.   I’ll share some tips on what to look for so you aren’t victimized.

Let me remind you that I am not a techie.  I’m a business owner just like you and feel that it’s important to me to understand the risk and prepare.  It’s like putting a fire wall in a building to prevent spread of a fire or ice-melt on your sidewalks to prevent slip and falls.  Cyber risk is huge and very costly and I want to be prepared.  Hopefully this information will be helpful to you and please check with your tech guru for their expertise.

I preface this blog with a reminder that protecting yourself, your data and data of others, is not just a nice thing to do.  There are laws in place that impose strict rules and responsibilities under Provincial and Federal laws.  The Personal Information Protection and Electronic Documents Act (PIPEDA) (PIPEDA) and Canada’s anti-spam legislation (Anti-Spam) are two pieces of legislation.

Here are some suggestions as to how you might protect yourself.

1. Know what’s happening. If you read my first blog, you are already aware of the some of the threats posed by cyber-criminals.  Good for you!

2. Change your passwords. I know!  That’s such a pain.  It’s much easier to use one password for all your sites.  The danger in that is that if your passwords are duplicated and not changed regularly, a hacker has much easier access to all of your sites.  There are a number of software programs available to assist you.  Personally, I use Norton’s Password protector.

3. Secure your home office. Have you changed your router password since it was installed?   Do you have antivirus software and automatic back-up tools?

4. SPAM. You’ve all seen those emails that look like they are coming from someone you know.  So, you click on it or worse yet open an attachment.  Bang – you’ve just downloaded malware onto your system. Check email headers and sender’s addresses and only open attachments of verified trusted senders and those that you are expecting to receive.

5. VPN. With so many business owners and employees working from home, it makes it much more accessible to cyber-criminals.  A Virtual Private Network on your home computer can mask your internet protocol (IP) address so that your online activity is virtually untraceable.  It establishes secure and encrypted connections.  Again, shop around to get good speed and reliability.

6. Public WIFI. Be careful! As I said early, I am not a techie so here’s a link to Norton’s Do’s & Don’ts of using public WIFI

These are just a few tips that many of you may know about.  If not, I hope it’s been helpful.  Remember to call on the tech experts.  I would also suggest that perhaps an Information Technology Audit might be appropriate to make sure you are safeguarding your assets, maintaining data integrity and operating effectively.

In our next blog, I will talk about the next level of cyber protection – yes Insurance!   As technology and society changes, the insurance world must adapt. There are now many insurers who have products available.  We will talk about some of the features to look for.

Thanks again for following me and reading my blogs.  As I said, my goal is to provide business owners with information to help them protect their business with a combination of risk management and insurance.

Remember – “We make a living by what we get; we make a life by what we give”

Take care, stay safe and be well.

Cyber Crime – What is it?

Cyber Crime – What is it?

Breaches, DDo’s, Phishing, Whaling, Malware, Porting, Trikbots, Ransomware and Zoombombing.  What do these words have in common?

Yes! These are all Cyber Crimes and every business owner who owns a computer and uses email or has a website is a target.

And nowadays we are all more exposed than ever.  The majority of business owners and employees are working from home now.  You can bet that cyber criminals are also stepping up their game as security working from home is usually not as effective.

The FBI recently announced that cyber crime has quadrupled compared to the months before the COVID 19 pandemic.

 

Examples of Cyber Risks

  • Employee Error – losing a USB key, failing to secure passwords. If you do hard drive back-ups and the back-up is lost or stolen that’s a huge potential privacy breach that could cost thousands of dollars.
  • Malicious Hackers – These hackers attempt to shut companies down – steal data or money. Hackers have become an enterprise with HR, Research & Development and customer service departments
  • Ransomware/Extortion – This is a hack where data is stolen or made inaccessible and a demand is made, usually for cash (bitcoin). Any business depending on their online presence to sell their products is at risk.
  • Breach – any time sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual or entity without authorization.
  • DDos – Distributed Denial of Service. An attack that attempts to render an online service unavailable by overwhelming it with traffic from multiple sources.
  • Malware – Code with malicious intent that typically steals data or destroys something on the computer. Installed malware on a corporations’ computer can work silently in the background and corrupt months or years worth of data.
  • Phishing – an attempt to obtain sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
  • Threat Agent – An individual or group that can manifest a threat. This may not even be intentional.  It could simply involve an inept computer operator who trashes a batch job by typing the wrong command.
  • Whaling – An attack that typically involves a hacker masquerading as a senior executive asking an employee to transfer money.
  • Porting – (SIM porting) someone impersonating someone requests a mobile provider “port” or move his number to a new SIM card on a different device. Criminals steal personal information via mobile phones in order to gain access to bank accounts, apply for credit in your good name, or impersonate you to defraud your entire contact list.

The list goes on and changes as new threats are created and discovered.  It’s a moving target.

If you are interested in learning more, you can peruse some of these articles that I have include for you at the end of this blog.

Stay tuned for the next blog where I will share some tips from the experts on some of the ways you can protect yourself.

Thanks for following my videos and blogs. For me, it’s not just about protecting consumers by providing them with insurance options.  Its more about education and communication that helps to identify, analyze, evaluate, and treat risk – be it an insurance product or other method of avoiding, reducing, sharing, or retaining the risk.

Remember – “We make a living by what we get; we make a life by what we give”

Take care, stay safe and be well.

 

In the News

April 1, 2020 Cyber-Attacks up 37% Over the Past Month as Covid 19 Bites

https://www.infosecurity-magazine.com/news/cyberattacks-up-37-over-past-month/

Oct 10/19 Cybersecurity breach at TransUnion – 37,000 Canadians compromised.  Occurred in June/July – not discovered until August

https://www.bnnbloomberg.ca/transunion-breach-shows-rising-third-party-cyberattack-threat-in-canada-1.1329808

Oct 8/19 Survey showed that 88% of organizations participating had suffered one or more breaches in past twelve months due to external cyber attacks.

https://www.itworldcanada.com/article/study-suggests-pace-of-cyber-attacks-on-canadian-firms-increasing/422570

Oct 3/19- Just a name or birthday can be worth up to $1.50 on the black market. A scanned passport or driver’s license can command up to $35, and a full ID package (name, address, social insurance number, e-mail address and bank account number) can go for up to $100.

https://www.theglobeandmail.com/featured-reports/article-small-businesses-caught-in-an-epidemic-of-cyber-attacks/