Protecting Business Continuity in the Event of a Coronavirus-based Cyberattack
The unprecedented global pandemic COVID-19 is impacting businesses in ways never before seen. In a recent CNBC survey, more than one-third of senior technology executives said cybersecurity risks have increased as a majority of their employees work from home, and 53% say their firm hasn’t stress-tested their system for an event like this. With 85% of companies also estimating that at least 50% of their employees are now remote, the true level of cyber risk is likely much higher.
With this risk comes increases in phishing and other cyber scams. One respondent to the CNBC survey estimates their organization has seen such incidents rise by 40%. Software technology company Check Point claims that over 4,000 Coronavirus-related domains have been registered globally since January. Of these, at least 5% are suspicious. Coronavirus-related domains are also 50% more likely to be malicious than other domains registered in the same period, including seasonal domains for things like Valentine’s Day. U.S. cyber security firm Proofpoint Inc. says 80% of cyber threats since January 29 are using coronavirus as a theme.
So what is a growing business to do? First, besides balancing employee productivity needs with aggressive monitoring for potential breaches, IT teams must continue to proactively patch and maintain their network cybersecurity programs. Second, companies must provide guidelines and tools such as VPNs (Virtual Private Networks) to manage more employees suddenly working from home – often on their own device and unsecured WiFi networks. And third, if they haven’t already, businessowners should invest in a robust cyber insurance policy.
Keeping in mind that many traditional insurance policies specifically exclude losses resulting from a cyber incident, the right cyber insurance policy is key to helping businessowners mitigate many of the potential losses the coronavirus outbreak has given rise to. Costs and payments to resolve a ransomware attack are typically covered under a policy’s Network Extortion insuring agreement. The resulting incident response costs – forensic investigations (to determine the extent of the attack), legal advice, customer notification requirements, public relations and data restoration – are also usually covered.
In the event of a cyberattack or data breach, companies will also likely face significant loss of income until they restore systems – likely even more so than after a property loss, given the lack of geographic limitations in cyberspace. A customers’ inability to access dashboards or complete purchases, accounting’s inability to generate and pay invoices or employees’ inability to access critical systems or equipment can all lead to revenue loss. Companies will also have ongoing expenses such as utility payments and payroll and may incur new or additional costs to mitigate the effects of a breach – such as paying employees overtime, renting or leasing new equipment or hiring third-parties to support business continuity. A properly structured cyber insurance policy covers all of these expenses.
In addition to the loss scenarios above, more robust cyber insurance policies can include additional protections that may be particularly important in the current situation. For example, the Cysurance policy expands Business Interruption coverage through several clauses. Reputational Events coverage indemnifies you for a loss of customers due to network downtime, so if a customer switches vendors after you suffer a breach or even temporarily goes to a competitor while your site is down, you can recover from your policy. The Preventative Shutdown coverage allows for reimbursement in the event the insured voluntarily shuts down their network to prevent a virus or other threat from spreading, which can significantly limit losses in the event of a successful phishing attack or breach, and System Failure covers downtime due to cyber incidents resulting from human or programming error or infrastructure outage – a heightened risk with so many employees currently working from home for the first time.
In the present environment, the Cysurance policy also provides a competitive advantage through broad policy definitions. Protected Information includes biometrics, internet browsing history and personally identifiable photos and videos, expanding the types of data covered. Extortion Expenses explicitly include Bitcoin and other cryptocurrencies – which more and more ransomware attacks are demanding for ransom payments due to difficulty in tracing the transaction. Additionally, coverage for contractual partners who mandate being named as an additional insured allows policyholders to continue to bid with confidence on new business, despite the heightened sensitivity around cyber risk today.
As businesses adapt to new cyber threats brought on by the coronavirus, it is essential to review cybersecurity protocols and employee training. However, it is also important to remember that nothing can guarantee protection from all cyber threats. In the current operating environment, cyber insurance is an especially critical component of holistic cyber risk management.
This post was written by Kirsten Bay, CEO at our partner Cysurance, the next generation cyber insurance solution.
To learn more about your Cyber Insurance options contact us and we’ll connect you with our solution specialist.