Jordan Tirone
DeSanctis Insurance Agency, Inc.
Cyber Attacks Top Todays Risk to You and Your Company As we take a closer look at cyber risk, it is helpful to consider two questions: Do you have a Cyber Incident Response Plan? Will you survive a cyber-attack?
R
egardless of the industry in which your firm operates, cyber risks can be broken down into three categories: Data, Disruption, and Dollars. In this article, we’ll take a look at how each one of these risks can cripple contractors and subcontractors.
Data: Corporate Data: Every contractor uses and stores a variety of in-house data. This data can include, but not limited to proprietary blue prints and plans, financials, business development models, the list can go on. Nonetheless, this is information that you would never want accessible to the outside public. Employee Data: As an employer, you possess and are trusted with your employee’s personal data, such as social security numbers, bank accounts, and medical records. Data in Transit: More now than ever we rely on remote technology and are constantly transferring data, which often is stored with a third party. Many have the perception that the respected third party protects and holds responsibility for the safe keeping of this data. This unfortunately is not true whereas the collector/owner of that data maintains legal responsibly, which cannot be transferred even by written contract. Dollars and Assets: Cyber criminals are after your money and your clients’ money. Who/What poses a threat?: Not all attacks come from the outside (hackers, ransomware, keyloggers, and business email compromise). Employees are also a large driver of cyber losses. One of the APRIL, 2021
best examples of the damage a malicious or disgruntled employee can cause comes from a professional services firm in the UK. The story goes like this: A firm hires a new employee to perform data entry and data integration, the employee works from 9am to 5pm and then leaves work, bringing all their data from work home with them to their significant other who is a hacker. The hacker uses this information to commit wide-scale insurance fraud.
What can I do to protect my company and its assets? With any surge of negative incidents comes positive resources to counteract. Below are a few day to day actions that can be taken to better ensure cyber resiliency. Firewalls and Anti-Virus Software: Think about this from the analogy of a burglar looking to continued on page 53
“BUY FROM THE ADVERTISERS IN CONSTRUCTION OUTLOOK”
51
