Cyber Risk Management – Top 10 Practical Tips

Last weekend’s global cyber attack proved that cyber risk is a very real threat to businesses no matter where you are. The attack is believed to be the biggest online extortion scheme ever recorded with 200,000 victims impacted across the world and numbers are still going up. There are a number of quick easy steps you can take to reduce the risk to your business from ransomware, hacking attacks, viruses, privacy breaches and theft of data.

1. Handling Sensitive Data
How should sensitive data be handled and stored and by who? Consider whether there should be restrictions on access to sensitive information.

2. Remote access
Have a system to ensure security is maintained while accessing work documents from the road or at home.

3. Portable media
Introduce policies for use on devices such as USB drives, CDs and DVDs to safeguard from malware and important data being stolen.

4. Email compromise
Carefully validate ad hoc and suspicious payment instructions as the sender may be a fraudster claiming to be a director, manager or vendor.

5. Secure web pages and software
Look for ‘https://’ and a padlock symbol on your browser and always review alerts before downloading new software.

7. Anti-virus software
Use up to date anti-virus software to prevent online attacks (old software may not detect new malware).

8. Business continuity plan
Build cyber threats into your company’s business continuity plans alongside other kinds of potential major disruptions.

9. Run a simulation
Running scenario based drills to test the impact and response times to various types of breaches will aid in identifying where your company’s greatest weaknesses are so that they can be adequately addressed.

10. Staff education
Keep staff updated on the latest threats and responses you have in place to prevent a breach. Staff are your main exposure but also your best defence, so the better informed they are, the better protected your company is.

Is your business at risk?

One of our insurance partners (NZI) has developed a quick online assessment tool. Take a look at NZICYBER’s site to find out your level of exposure. If you’re interested in managing cyber risk with insurance and we haven’t already arranged Cyber Risk cover for you, contact us to discuss the most appropriate solution for your business.