Organisations throughout the UK are increasingly at risk from cyber criminals and the disruption they can cause. Cyber insurance can help, and will play a huge role over the next decade in helping to protect us. But cyber insurance can only be the second layer of defence. First and foremost, we all need to take responsibility and learn from recent events. Following the attack on the NHS, there are certainly lessons for us all, whether we run a government organisation or a business.
So, as a specialist cyber insurance broker, what jumped out at us when reviewing the press coverage of the cyber attack?
Taking responsibility
The NHS is a huge organisation. We certainly do not envy the task of their IT security provider. It is probably one of, if not the MOST, difficult organisations to protect in the UK. As we understand it, the NHS runs both fragmented and centralised IT systems. As a result, local authorities appear, to a certain extent, to have local responsibility for ensuring their security patches are up to date when these are provided by the central IT provider. In this case, the local authorities affected appear not to have updated their software, particularly that relating to older versions of Microsoft Windows. This created a weakness in their cyber defence, and ultimately contributed to the success of the ransomware.
What should we learn?
Take updating your software and IT security very seriously. Implement updates as soon as reasonably possible, and delegate this to experts if you are unable to keep on top of this yourself.
People
The ransomware that infiltrated the NHS relies, to a certain extent, on the software being activated. We have all received emails that look suspicious. They can often contain links to criminal websites, or files that can disrupt our IT services. If the emails are deleted and the links remain unclicked, such emails may cause no damage to your systems. On the other hand, clicking on a link, opening a ZIP file or downloading a file could cause serious disruption to your IT systems.
What should we learn?
It is essential that the staff within your organisation are trained to spot such emails, and know what to do upon receipt.
Back ups
If your systems are compromised, having a recent, unaffected back up of your data is essential. Those local authorities that maintained regular back ups were able to restore their systems quickly, and avoid further disruption.
What should we learn?
Keep back ups, and keep them separate from your main IT systems, so that the ransomware does not affect both your system and your back ups.
Insurance
From the coverage that we reviewed, we cannot see any comments regarding the response from any cyber insurance linked to the NHS disruption. It may be that the NHS were not insured. It may be that insurers were operating in the background to restore the systems without our knowledge.
The NHS is, however, very different to most organisations. It has a huge annual IT spend, and is ultimately a government body.
As a business owner, I ask myself several questions:
- Are we doing all we can to protect our networks and data? “yes”
- What damage could hackers cause our business? “yes, in theory”
- Would we have the resources to rebuild our systems in the event of a cyber security disaster? “possibly, but would depend on the severity”
- Would we know how to deal with cyber criminals trying to extort our business? “no”
- Would we like experts supporting us in the event of a cyber attack/disruption? “yes”
- Would we like peace of mind that our business is protected if we are compromised? “YES”
If you have similar responses to the questions above, or even if you don’t, cyber insurance can help protect your business.
Please contact our team at Whinney Insurance Brokers for further help and guidance on the cyber insurance available to protect your business. And for more information please visit Cyber Insurance: Cyber Liability Insurance