Five tips to protect against ransomware attacks

Ransomware attacks are one of the most common forms of cyber attack in Australia. How can you protect your business?

Ransomware hackers steal businesses’ files and demand ransom payments to get them back. The attacks can be devastating financially for companies that are not prepared.

For example, the WannaCry attack hit 200,000 victims in 150 countries.

If you run a business, follow these five tips to safeguard yourself and your business against such attacks.

1. Update your software

Pay close attention to the software you use. Emergence Insurance recommends you alway accepting options to update or patch your operating system and other key applications immediately updates are available. Updates are often designed to strengthen cyber security.

2. Install antivirus software

Regular software updates alone do not ensure your systems are protected. Viruses are still a threat because they constantly evolve. Guard against them by running a reputable antivirus tool and remember to update your software immediately when updates are available.

3. Use common sense on the internet

Be smart about not exposing yourself to cyber attacks. Think before you click on unfamiliar links and don’t open strange email attachments. Delete all emails that look suspicious.

4. Backup your files often 

Create backups of all your files often. It’s a simple, effective way to ensure that if ransomware thieves steal your files and hold them hostage, the thieves have no leverage against you.

5. Develop a cyber security plan

Develop a long-term plan to strengthen your business’s cyber security. It should include educating your employees; upgrading hardware and software; building a business continuity plan; and buying cyber insurance protection to safeguard your business financially in the event of a cyber attack.

 

Source

Emergence Insurance

Emergence Insurance is here to protect all businesses – large and small – against cyber risks. In fact, that’s all we do, so we’re the specialists in the field.

 

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Small Businesses Are Not Immune To Cyberthreats

Small Businesses Cyber Threat

Small business is not immune to cyberthreats

You might think that if you run a small business, you’re mostly safe from cybercrime or ransomware attacks. After all, why would a hacker bother to target you when there are bigger fish to fry?

These days, though, no one is safe. Cyber attacks are increasing among companies of all sizes. This doesn’t mean it’s time for your staff to panic. It is, however, worth taking a moment to think about your company’s security measures and consider your insurance needs.

 

Small businesses are vulnerable these days

If you still think cyber security is only a concern for larger corporations, you need to update your thinking. The latest data shows that small businesses are just as vulnerable to data breach incidents as larger ones.

The Australian Cyber Security Centre (ACSC) recently reported on this problem, noting that because so many are unprepared for the possibility of cybercrime against their small business, an attack can be particularly devastating. This has been a more serious issue in just the last couple of years.

The ACSC reported that about 90 percent of small organisations experienced a cyber threat or data breach in 2016 of which 58 percent were successful. This is a sharp increase from prior years’ data.

 

Knowing the risks you’re up against

Once you’re aware that small companies do indeed face cyberattacks, the next element to consider is how costly the cyber risks you’re facing might be. The damage can be significant if your SME is ever attacked.

 

There can be a variety of costs that can impact a business due to a cyber attack, including:

  • IT forensic costs
  • Customer notification costs
  • Increased costs of working
  • Legal defense costs

Some customers might abandon your business if they’re worried about security, and others might demand concessions from you that cost money. All this will impact the brand reputation of the company, which is difficult to recover from after an attack.

 

Getting protection against potential losses

Cyber exposures are significant for a business, and it’s only natural to think critically about protecting your company against hackers.

A new mandatory data breach reporting scheme takes effect in Australia in Feb 2018 which will require certain companies to notify customers and the Australian Privacy Commissioner of data breaches. As a result, not just big corporations but also mid-market and smaller companies will want to buy cyber coverage to assist in managing this new regulatory requirement. Companies are becoming increasingly aware of the need to protect themselves. This is why the cyber insurance market is expected to grow dramatically.

In addition, businesses should consider how a cyber insurance policy can complement the business risk management initiatives. As part of a cyber insurance policy, insurers provide an incident response solution to assist business to recover quickly from a cyber attack.

Source: Emergence

 

Compare Cyber Insurance

 

 

Please note Cyberinsurancecomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Cyber Insurance Comparison

CGU Cyber Defence

CGU Cyber Defence

CGU Cyber Defence Product Review

CGU Cyber Defence Protects your business against cyber exposures that can impact your business from direct costs to your business, and claims from third parties. Costs associated with defending cyber claims are also covered. CGU’s incident response team is on alert and ready to take action 24/7.

Key features:

  • All subsidiaries covered including new and former subsidiaries
  • Advancement of defence costs
  • Breach Coach helps you understand what needs to be done
  • Worldwide territorial cover no matter where the attack originated from
  • Covers you for privacy breaches of data you capture and held by service providers (e.g. Cloud, ISP’s etc)
  • Free 1 Hour cyber consultation to assess risk mitigation strategies
  • 24/7 Incident response team
  • Public relations consultancy costs to protect the personal reputation of senior executives

CGU Cyber Defence at a glance

Privacy Breach

Privacy protection against third party claims for loss of;

  • Personal Information
  • Commercially Confidential Information
  • Employee Information
  • Information held by Service Providers (e.g. Cloud, ISP’s etc)
  • Defence costs covered

System Damage

Cover for lost, damaged or destroyed;

  • IT systems,
  • IT records / data
  • Includes retrieving, repairing, restoring or replacing data, systems or hardware
  • Also, includes external IT forensic or security consultants costs

Business interruption

  • Cover for loss of profits due to a Cyber Event
  • No indemnity period restriction
    • Subject to a time excess of 12 hours
  • COMPUTER VIRUS & HACKING
  • Cover for liability arising from hacker attack or virus
  • Covers loss or theft of your data or data for which you are responsible
  • Attacks by employees and third parties covered
  • Includes loss by phishing emails or Denial of Services attacks

 

Computer crime (OPTIONAL EXTENSION)

Cover for crime losses (sub limit applies) including;
– Loss of money
– Covers loss of money from Service Providers systems
– Loss caused by rogue employee or third party

Multimedia Liability

  • Protection against libel, slander or defamation
  • Cover includes infringement of copyright, trademarks & trade names
  • Covers your defence costs and third party’s costs
  • Covers all your marketing material (digital or print)

Breach Of E-Commerce Statutory Duties

  • Covers breach of statutory duty from eCommerce relating to security & management of data
  • Defence costs and compensation payable to third parties

Extortion

  • Covers payment of ransom
  • Costs of negotiating/mediating a security threat
  • Covers crisis management costs to resolve security threats

Brand protection

  • Public relations consultancy costs to protect the
    company brands.

Personal Protection

  • Public relations consultancy costs to protect the personal reputation of senior executives

Privacy Fines & Investigations

  • Cover includes fines and penalties incurred by you due to a privacy breach
  • Includes cover for your defence and investigation costs

Privacy Breach Notification & Loss Mitigation

  • Covers your breach costs including credit monitoring, identity theft monitoring, data restoration and forensic costs
  • Includes your legal costs
  • Access to call centre support services
  • Covers actual or suspected privacy breach

Reward Cover

  • Covers reward expenses to secure conviction of perpetrators of hacking attacks
  • Include payment of money or property for securing a conviction

Download a Brochure PRIcyber_defence_productoverview

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

 

 

Kochie’s Business Builders Explains Cyber Insurance

Kochie's Business Builders

Kochie’s Business Builders Explains Cyber Insurance

To help explain cyber insurance, Steadfast have partnered with Kochie’s Business Builders to produce this short explainer video.

30% of small businesses in Australia experiencing a cybercrime incident

Most cyber attacks are caused by human error the average cost of business was a huge $276,000 in 2015 with over 30% of small businesses in Australia experiencing a cybercrime incident

Why do I need it?

If your business has a website or electronic records, you’re vulnerable to cyber hackers. In fact, it’s likely that your business will suffer a cyber attack at some stage. A cyber attack could cost your business more than money. It could also threaten your intellectual property and put customers’ personal information at risk – which could damage your reputation.
Kochie's Business Builders
What usually isn’t covered?

Exclusions and the excess you need to pay can vary greatly depending on your insurer. Policies generally won’t include cover for:

  • Damage to computer hardware
  • Criminal actions committed by you or your business
  • A cyber attack based on facts of which you were aware
  • Criminals using the internet to steal money from you

Compare Cyber Insurance Quotes from leading Australian Insurers like AIG, Allianz, Brooklyn Underwriting, CGU, Chubb, Dual, Emergence and Zurich.

 

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

How can I protect myself against the WanaCry Ransomware?

Ransomware

WanaCry Ransomware

To best avoid infection of this sort we advise that the following steps are taken to maximise your system protection.

How can I protect myself against the WanaCry Ransomware?

You can protect yourself against the ransomware in the following ways:

  • Ensure you have a valid corporate Antivirus subscription
  • Ensure your Antivirus is up to date
  • Ensure that port 445 is closed on your network
  • Ensure you are up to date with all Microsoft updates on your server and workstations
  • Back up your data with an external hard drive or to the cloud

Please contact your local IT Support if you are unsure if you are protected, or may have the ransomware on your computer.

Need Cyber Insurance?

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrant the accuracy of any information contained therein, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Latest Trends in Cybersecurity

Cybersecurity

Trends in Cybersecurity

The release of the latest Cisco security report shows that the cost of data breaches amounted to more than 20% of revenue on top of a substantial loss of customers and opportunities for more than a third of the organisations breached in 2016.

Some of the report’s major findings included

  • Ransomware is dominating the malware market although it is not a new threat it has evolved to become the most profitable malware type
  • Adobe Flash vulnerabilities continue to pose a prominent threat
  • There is a false sense of security about secure connections

Recommendations from Cisco researchers include:

  • Instituting and testing an incident response plan that will enable a swift return to normal business operations following a ransomware attack
  • Not blindly trusting HTTPS connections and SSL certificates
  • Moving quickly to patch published vulnerabilities in software and systems, including routers and switches that are the components of critical Internet infrastructure
  • Educating users about the threat of malicious browser infections
  • Understanding what actionable threat intelligence really is

Full Cybersecurity Report Click Here

Need Cyber Insurance?

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Could a cyber risks cause disruptions to critical business infrastructure

Cyber Risks

Cyber Risks to critical business infrastructure

When a scheduled flight of a wide-body airliner is cancelled it can cost the airline up to $43,000. So you can imagine what kind of day executives at LOT, the Polish national airline, were having last year when 20 flights were cancelled after computers that issue its flight plans were breached.

“The aviation industry’s growing reliance on data networks, and onboard computer and navigation networks, is rendering it increasingly vulnerable to cyber risks,” says Erlend Munthe-Kaas of Bloomberg Intelligence. “Airlines rely on computers for almost every aspect of operations. As a result, cyber incidents can have devastating consequences, including business interruption and loss of reputation.”

“There’s beginning to be a shift beginning to educate businesses to see the wider, deeper cyber risks picture that in many cases has gone unacknowledged.”

Think of it as cyber creep. The risks aren’t just about protecting your customer’s data, although that remains important. They are insinuating themselves into every nook of your business, creating the possibility of mass disruption to operations and critical infrastructure. As the world becomes more connected, and businesses rely more on machine-to-machine communication and automated manufacturing, the cyber risks pile up. One day, production might grind to a halt. Critical transactions might not take place. Shipments could be steered to incorrect destinations. Planes might not take off.

Continue reading Could a cyber risks cause disruptions to critical business infrastructure

Australian cyber threat to the private sector

Cyber Threat

The Cyber Threat to Australian Business may be larger than first thought with many Australian businesses refusing to report breaches due to concerns the disclosure may adversely affect their reputation or create legal or commercial liabilities.

In the second of the Australian Cyber Security Centres cyber threat report

Extract from  ACSC Threat Report 2016:

Australian industry is persistently targeted by a broad range of malicious cyber activity, risking the profitability, competitiveness and reputation of Australian businesses. The spectrum of malicious cyber activity ranges from online vandalism and cybercrime through to the theft of commercially sensitive intellectual property and negotiation strategies.

The ongoing theft of intellectual property from Australian companies continues to
pose significant challenges to the future competitiveness of Australia’s economy. In
particular, cyber espionage impedes Australia’s competitive advantage in exclusive
and profitable areas of research and development – including intellectual property
generated within our universities, public and private research firms and government
sectors – and provides this advantage to foreign competitors.

The ACSC’s visibility of cyber security incidents affecting industry and critical infrastructure networks is heavily reliant on voluntary self-reporting.
Some companies may be hesitant to report incidents to the government due to concerns the disclosure may adversely affect their reputation or create legal or commercial liabilities. For example, in some cases victim organisations have sought legal advice before reporting an incident.

Many cyber security incidents across the private sector are undetected or unreported. Increased reporting of cyber security incidents by the private sector would subsequently increase the ACSC’s knowledge of cyber adversaries who target Australian industry and critical infrastructure, and the methods they employ. This knowledge would further enable the development of cyber security advice and mitigation strategies.

The ACSC is making a dedicated effort to engage industry on cyber threats and associated mitigation strategies through a process of sustained engagement. However, the private sector’s ability and willingness to recognise the extent of the cyber threat and to implement mitigation strategies varies considerably across and within sectors. Generally, companies that have been extensively targeted or compromised are more likely to view the business risks associated with the cyber threat as sufficient to warrant investment in cyber security.

Those without direct experience of being targeted or a victim may not be aware of the potential economic harm malicious cyber activity can cause their businesses, do not
understand the value of the data they hold, and cannot conceive why they would be targeted.

 

Australian Cyber Threat

Between July 2015 and June 2016, CERT Australia responded to 14,804 cyber security incidents affecting Australian businesses

Between July 2015 and June 2016, CERT Australia responded to 14,804 cyber security incidents affecting Australian businesses, 418 of which involved systems of national interest (SNI) and critical infrastructure (CI).

CERT Australia relies heavily on the voluntary self-reporting of cyber security incidents from a wide variety of sources throughout Australia and internationally and therefore does not have a complete view of incidents impacting Australian industry.

Sources: www.acsc.gov.au

Need Cyber Insurance?

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

 

If Hackers Steal Data Who Pays

It’s Just Hackers

In 2014 Hackers stole data from Yahoo that resulted in the details of 500 million users personal details including names and emails, as well as “unencrypted security questions and answers” be taken.

The breach damaged the trust in the brand, required Yahoo to publicly disclose the cyber-breach and advise all its users to change their passwords.

However, not all users changed their password and some are still reporting loss of data

The Cost of a Cyber Breach*

The costs of a data leak or data loss are rapidly accruing, with the total average cost per data breach within Australia now sitting at $AUD2.82 million, according to a 2015 study from IBM and Ponemon Institute. Moreover, the average cost per lost or stolen record has reached $AUD144, while the average number of breached records per incident is just under 20,000.

 

But I don’t have that many clients

The high-profile breaches recently included MySpace (359 million), LinkedIn (164 million) and Adobe (152 million), however, the hacking of a Gold Coast doctor in 2012 cost $4000 dollars.

Report a cyber incident

The Australian Signals Directorate (ASD) provides government with a greater understanding of cyber threats, and the coordination of whole-of-government operational responses to cyber incidents. The Cyber Security Incident Reporting (CSIR) scheme assists ASD with this role.

The Australian Government Information Security Manual (ISM) states agencies must report cyber security incidents to ASD. Cyber security incident reports are the basis for identifying and responding to cyber security incidents across government.

Reporting cyber security incidents helps ASD to develop a threat environment picture for government systems, and assist other agencies who may also be at risk. Cyber security incident reports are also used for developing new policies, procedures, techniques and training measures to help prevent future incidents.

The types of cyber security incidents agencies should report to ASD include:

  • suspicious or seemingly targeted emails with attachments or links
  • any compromise or corruption of information
  • unauthorised access or intrusion into an ICT system
  • data spills
  • theft or loss of electronic devices that have processed or stored Australian government information
  • intentional or accidental introduction of viruses to a network
  • denial of service attacks
  • suspicious or unauthorised network activity.

To report a cyber incident:

Sources: http://www.asd.gov.au/infosec/reportincident.htm *http://www.cso.com.au/

Need Cyber Insurance?

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Zurich's Digital Resolve Response

zurich_Logo_4c [Konvertiert]

Zurich’s Digital Resolve Response what is it?

Insurers are busy preparing for a explosion in Cyber Insurance clients, but with clients come claims, and for some clients the insurers response to an event will set the standard.

One cyber insurer Zurich has put together a team of specialist companies to make a panel of first respondents to a cyber event, these specialists legal teams, PR teams, digital forensics teams, incident response, and security sciences, investigation, eDiscovery and due diligence.

What is DigitalResolve and how does it work

It can help to:

  • Locate and rectify the source of cyber attacks, failures or breaches
  • Protect businesses from further attacks or disruptions
  • Assess financial losses
  • Protect a business’s brand/reputation
  • Ensure compliance with local regulations
  • Notify victims of data breaches
  • Negotiate ransomsUndertake credit monitoring
  • Recover losses from negligent third parties

Zurich Digital Resolve have access to experts to assist in the following areas:

  • Forensic Accountants
  • Legal Advice
  • Public Relations
  • IT Forensic loss assessment
  • Kidnap and ransom response teams
  • Cyber Extortion Experts
  • Identity Protection
  • Credit Monitoring
  • Public Notification
  • Regulatory No

 

 

Zurich Digital Resolve Group Include

Mandiant

Mandiant, a FireEye company, is the leader in helping organizations respond to and proactively protect against advanced cyber security threats.

“Mandiant is at the forefront of helping organizations rethink how to prepare for security breaches.”

– Michael Chertoff, Former Secretary of Homeland Security

Stroz Friedberg

Stroz Friedberg is a specialized risk management firm built to help clients solve the complex challenges prevalent in today’s digital, connected and regulated business world.

DLA Piper

DLA Piper is a global law firm with lawyers located in more than 30 countries throughout the Americas, Europe, the Middle East, Africa and Asia Pacific, positioning them to help companies with their legal needs anywhere in the world.

Norton Rose

Norton Rose Fulbright is a global law firm.

FleishmanHillard

FleishmanHillard in Australia is part of a global marketing and communications network operated by one of the industry’s leading PR agencies.

Crawford

Crawford & Company is the world’s largest independent provider of claims management solutions to insurance companies and self-insured entities.

If an incident occurs, clients can call a hotline 24/7, 365 days a year. An Incident Manager will be appointed to handle their case and will select a team of experts to act on the client’s behalf. The team will comprise everyone from IT forensic experts and consultants, to legal experts in data protection and cyber breaches, to PR consultants who can help mitigate any reputational damage.

Like to know more


1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs