info@whinneyinsurance.co.uk     0208 659 5038
Whinney Insurance Brokers
  • Get a quote
  • Commercial
    • Commercial Insurance
    • Commercial Crime Insurance
    • Cyber Insurance
    • Medical Indemnity
    • Medical Malpractice
    • Private Medical
    • Professional Indemnity
    • Start Up Businesses
    • Landlords Insurance
  • Financial Services
    • Asset Managers
    • Financial Institutions
    • Financial Technology (FinTech)
    • Fund Managers
    • IFAs and Financial Advisors
    • Mortgage Brokers
  • IT & Technology
    • IT Companies
    • Computer Programmers
    • Cyber Insurance
    • Games Developers
    • IT Analysts
    • IT Contractors
    • Software Companies
    • Software Developers
    • Web Design
  • Marketing & Media
    • Marketing Companies
    • Advertising Agencies
    • Broadcasters
    • Copywriters
    • Digital Marketing
    • Marketing Consultants
    • Publishers
    • Public Relations
    • Sales Promotion
  • Photography & Film
    • BAPLA members
    • Commercial Film Producers
    • Film Makers
    • Photographers
    • Picture Libraries
    • Production Companies
    • Production Indemnity Insurance
    • Production Insurance
    • Production Studio Insurance
    • Stills Producers
    • Videographers
  • News
  • About
  • Contact

Why financial institutions should consider cyber insurance above all else

  • Home
  • Blog
  • Why financial institutions should consider cyber insurance above all else
Why financial institutions should consider cyber insurance above all else

Why financial institutions should consider cyber insurance above all else

No business is immune from a cyber attack. We recently had an underwriter compare cyber crime to the infinite monkey theorem. If you give cyber criminals enough time and resources, they will eventually hack into whatever business they target, no matter how big or small. Even some of our national institutions like British Airways have been hit. 

There is however, a particular problem with financial institutions and cybercrime. Our blunt conclusion is twofold; 

  1. They are attractive to cyber criminals. Fund managers and hedge funds are not afraid to promote what they do. “We have a £xbn fund”, “we have £xm’s of assets under the management”. The bigger the perceived prize, the greater the motivation for cyber criminals to break down the security.  
  1. Those working in financial services are money people. Experts in managing money, not experts in IT security. This is particularly pertinent to the small financial services firms such as boutique fund managers and hedge funds who often manage £X millions, but don’t necessarily have the same level of protections as you see from the larger institutions. Nor would you expect a fund manager with £100m assets under management to have the same level of security as a bank for example. But this again, makes the small firms a more attractive target. 

One of the most common types of cyber claims we see affecting financial institutions is what is known as social engineering. This is when cyber criminals intercept calls or emails, pretending to be someone they are not using hacked email accounts or setting up dummy email accounts that look and feel just like a standard email. They use these accounts to request the transfer for funds from A to B, with B usually being the criminal’s bank account. The most common of which is a criminal pretending to be a senior manager or company director and demanding an employee or numerous employees make an urgent transfer on their behalf. They will often provide legitimate reasons and a plausible explanation for the urgent transfer request, even using the same language and tone of voice within emails as the person they’re imitating.  

One of the best prevention strategies for such instances is education. Educating firms and their employees on the techniques criminals use, often through phishing emails. We have even heard of larger institutions running “phishing tests” whereby they employ specialist cyber experts to send phishing emails and then detect which employees detect the phishing and which don’t. Such exercises test the company’s resilience to such crimes, and can also be used as an education for all involved. 

We suggest all financial institutions should spend as much time and resources as practically possible to improve their cyber security, in proportion to the size of the business. I once attended a lecture where the lecturer explained that any business that wishes to grow should spend a minimum of 5% of revenue on marketing. I had always believed that the broad brush approach was a load of nonsense and I did wonder whether the lecturer had ever run a business. But, if someone were to say to me now that businesses should spend say 2% of revenue on cyber security and cyber insurance I would certainly agree, especially if that business were established and profitable. Until companies build their resilience to prevent such claims, I’m afraid things will only get worse and all those working in financial services will continue to be a prime target for cyber criminals. 

Prevention is better than cure, but cyber insurance can be a very helpful cure when all else fails. 


Whinney Insurance are experts in cyber security, we can help protect your business from risk. Read more about how to avoid a cyber attack here. Contact us now.


Tags:

Article business Cyber crime Cyber Security Risk Technology Workplaces

Share This Post

Recent Posts

  • US & Canadian clients and Professional Indemnity March 8, 2022
  • Why financial institutions should consider cyber insurance above all else February 25, 2022
  • Fund Managers & Insurance: More risks facing fund managers February 22, 2022
  • Fund Managers & Insurance: What are the greatest risks facing fund managers?  February 16, 2022
  • Real risk facing software companies (part 1) December 30, 2021

Contact Us

info@whinneyinsurance.co.uk

London
New Derwent House, 69-73 Theobalds Road, London, England, WC1X 8TA

Essex
c/o Haines Watts Colchester, Town Wall House, 4 Balkerne Hill, Colchester CO3 3AD

Legal Statement

Whinney Insurance Brokers is a trading name of Williamson Carson & Co Ltd, which is authorised and regulated by the Financial Conduct Authority. Register Number 146295.

Services

  • Commercial Insurance Products
  • Professional Indemnity
  • Financial Services
  • IT & Technology
  • Marketing & Media
  • Photography & Film Insurance
Whinney Insurance Brokers is a trading name of Williamson Carson & Co Ltd, which is authorised and regulated by the Financial Conduct Authority.Register Number 146295.
  • Privacy Policy
  • Terms of Use
  • Terms of Business
This website uses cookies that provide necessary site functionality and improve your online experience. By continuing to use this website, you agree to the use of cookies.

Our Privacy Statement provides more information about what cookies we use and how you can change them. Accept Reject Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT