Cyber Security Tips for Businesses

The COVID-19 pandemic is an event that has ushered in new opportunities for fraudsters. The Canadian Centre for Cyber Security has noted that cyber attackers often take advantage of high profile events to launch frauds and scams.

Employees working from home needing access to internal services, applications and information normally available when in the office, has introduced new vulnerabilities. In recent years, an increasing number of costly hacking attacks has highlighted the need for insurance protection.

This is a good time to speak with your agent about cyber liability.

Virtually every business relies on information technology (IT) to operate - from emails, websites, and ecommerce to data storage of sensitive information.

When these systems experience a virus or other computer attack, a business is at risk of losing critical information. This information is frequently essential to daily operations, and if customer data is compromised, you can be held liable.

System and data recovery can result in lost income, and can tally thousands in recovery costs. What’s more, liability from insufficient systems security can lead to expensive litigation.

CyberOne coverage meets this growing need

CyberOne insurance helps pay for the costs associated with restoring computer software and recovering data. And, this coverage also protects against third-party liabilities a business might have as a result of a failure of system security.

Highlights of CyberOne coverage:

First Party liability is triggered by a ‘computer attack’ and covers your own financial loss arising from a cyber event such as –

• data restoration from electronic sources
• data recreation from non-electronic sources
• systems restoration
• business income
• public relations

Third Party liability is triggered by a ‘network security liability suit’ and covers you for liability actions against you arising from a cyber event such as –

• a breach of third-party business data
• an unintended propagation of malware
• a denial of service attack in which the insured unintentionally participated.

A Middlesex Mutual agent or broker is always available to answer any questions.

Here are a few tips to share with staff working remotely that will ensure appropriate security protocols are maintained:

Protect Your Devices

• Update and patch. Set up devices to run automatic updates for operating software, primary applications, and security software.
• Turn off Bluetooth or Wi-Fi when not in use. This will prevent cyber criminals from attempting to connect to and access devices.
• Only store business information on company devices. Don’t save work-related documents or data on a personal device.
• Use multi-factor authentication. Create strong, unique, passwords and add an additional layer of protection such as a PIN or a fingerprint.

Spot Fraudulent Activity

Be skeptical. Fraudulent texts and emails can look like they come from a real and credible organization.

• Phishing – emails, texts, or calls requesting sensitive information (i.e. credit card numbers, bank account numbers) that appear to come from a legitimate organization
• Social engineering – information can be gathered about an organization, or employee through the corporate website or social media accounts. The information is then used in a phishing email.
• Ransomware. Malware is used to deny access to a computer system or device until a sum of money is paid.

Secure Home Wi-Fi

Router password. Be sure to change the default password for our router to something strong and hard to guess. Be sure to automate the installation of updates and patches to protect against threats.

The following websites offer additional resources to help mitigate cyber-attacks.

Additional Resources

The Canadian Anti-Fraud Centre’s list of reported scams exploiting COVID-19.

The Canadian Bankers Association’s Cyber Security Toolkit - How to Spot Common Scams.

The Canadian Centre for Cyber Security’s Tips on How to Stay Cyber Healthy During COVID-19.