Changing Cyber Threats Call For New Protection Strategies

If cyber-criminals are anything, they’re adaptive. The threat vectors UK businesses face continue to evolve, and hackers are finding new ways to attack hidden vulnerabilities. The technology landscape and today’s connected world are changing the cyber security environment, too, with more attacks propagating far and wide through the digital links businesses have with vendors, customers and other online sources.

Changes in cybercrime techniques mean that companies need to be sure their strategies—from security practices to cyber insurance coverage—keep pace.

One example of the shift in digital criminals’ tactics is evident in recent dedicated denial of service (DDoS) attacks. These types of events have been around a long time but they have a new twist in this age of connected devices. Historically reliant primarily on the compute power of individual laptops and desktops, DDoS attacks are increasingly taking advantage of the Internet of Things (IoT) to broaden their reach.

Ransomware and other threats have also changed in scale and scope. These attacks are now more prominent and more devastating as attackers have learned to take advantage of the anonymity of the internet.

Businesses need to protect themselves against these evolving cyber-threats. Connected devices are one area where diligence is imperative. Because many manufacturers haven’t made security a priority for security cameras, smart appliances and other connected devices, firms must be ready to add the necessary protective layers themselves.

Other internal steps may include being careful about how contractual links with vendors are structured, while language that spells out how a breach or transmission of a virus or malware will be handled can help to eliminate security gaps and provide clear guidance on responsibility should an incident occur.

Even if IoT devices aren’t intended to support a company’s core business function, they can still be compromised by hackers and they must still be considered for insurance coverage. Networked devices are ubiquitous and largely ignored.

Devices that monitor pipework and other utilities, for instance, can alert a business owner if there’s a leak on the premises, minimizing damage from water or other hazards. It’s a tremendous benefit, but the business—and its insurance company—must ensure that a helpful device is properly secured so it doesn’t become an additional access point for a cyber threat.

With cyber-attacks becoming more commonplace and each one having the potential to touch a wider swath of users, insurers are also reacting to changes in the risk landscape, as a whole. Concerns about the risk of a large, systemic attack affecting considerable numbers of users are prompting carriers to rethink how cyber coverage is packaged and offered.

Many insurers are trying to remove cover for these kinds of wide, impactful events, either through definitions they use in the cover they provide or by incorporating explicit exclusions in their policies. This approach can lead to exposure for businesses, and those risks must be addressed.

As insurance carriers fine tune their approach to cyber-threats, firms need to select insurance products with protections that are relevant to their needs. One example is in the IoT realm. A number of insurance products available in the marketplace provide cover to network systems only, effectively limiting their protection to more traditional computer devices. Only recently have insurance policies begun to extend cover to mobile devices, with a handful of the latest products encompassing IoT devices as well.

On the ransomware side, carriers have started providing additional services that can help businesses avoid disruption and maintain access to their data. Some insurance products now include an automated cloud backup service as part of the offering so that companies can ensure their backups are frequent and robust. If hit with ransomware, the business can put its hands almost immediately on a secure copy of their most recent data and get back to full operations quickly, without having to pay the ransom.

Insurance carriers have also recognized the value of trusted technology partnerships, with some now offering products with built-in protective services aimed at DDoS attacks and similar threats. It’s possible to find cover that includes network and web monitoring, for example, where the insurance provider installs a box on the network for constant monitoring against attack.

The technology partner chosen by the carrier can then detect intrusions and unusual network traffic, alerting the business in real time if a potential threat is discovered. The monitoring platform can also be used as a forensics device to immediately begin investigating any attempted attack.

Flexibility is key, and firms should be mindful about the policies they purchase and ask the right questions to ensure there aren’t any surprises. How would the carrier handle the response in any type of cyber-attack? Do the policy’s definitions stipulate that the attack must specifically target the policyholder to be covered? In an event such as a DDoS attack, would the business be protected?

Purchasing a policy that’s flexible enough to provide cover, even as the cyber threat landscape continues to mature, is critical. Just as technology experts provide valuable counsel on the right security software, the expertise of a broker with specific knowledge in this line of cover can be tremendously helpful. They will be able to assess each firm’s needs and find a policy that’s strong enough, yet flexible enough, to provide the right kind of coverage today and into the future.

What’s Hot on Infosecurity Magazine?