probably most at risk are those that don’t think they have an exposure because they think they are too small, too secure, or too unlikely of a target. These businesses are less likely to have adequate security or train their employees, making them a prime target for cybercriminals on the lookout for low-hanging fruit. James Tuplin, AXA XL: The three most targeted industries in the last six to nine months are manufacturers, government councils and government entities and hospitals. Manufacturers are now running their businesses online and remote working is becoming more prevalent. IT and network access to plants and products is becoming the norm. However, these industries still think of themselves as a physically controlled environment and that’s what makes them vulnerable. In the past, these industries were never targeted for data breaches because they don’t hold data, however, ransomware has changed that. Due to the way they view themselves, they generally have old systems and dated security. In addition, workers in these environments aren’t trained to the same level as employees in technology companies. For these types of industries, their products
and plants are all controlled by IT and systems that have been built over many years, but haven’t had the IT servicing that other businesses have. Managing IT systems has a significant cost attached to it and some companies simply don’t have the funds allocated for this. Tom Draper, Gallagher: As businesses of all shapes and sizes become more reliant on the digital world, their risk exposures increase. The reality is that all organisations are vulnerable, and the impact of an attack can be huge. However, if an organisation handles sensitive customer data such as names, addresses, or banking information, or if they are reliant on computer systems to conduct their business, they need to be particularly mindful of their cyber risk exposures, as there is a high risk of customer data being compromised in the event of a security breach. We’re seeing a rise in attacks against healthcare providers, local councils in the UK and government agencies in the US, and the hospitality sector – all organisations which have access to large volumes of customer data. Additionally, the manufacturing sector including automotive, electronics and pharmaceutical companies – is particularly
TOP FIVE CYBER SECURITY THREATS FOR SMALL BUSINESSES
Phishing attacks
Malware attacks
Ransomware
Weak passwords
Insider threats Source: Expert Insights (2020)
vulnerable, because attackers can often demand a high amount of money from these businesses as well as sell information to competitors, and severely disrupt supply chains.
www.insurancebusinessmag.com/uk
7
