We’ve said it time and again: Solely relying on a cyber liability policy to protect you when you have a cyber-attack or incident is akin to gross negligence. What’s even worse is burying your head in the sand, thinking your current IT services or IT support provider knows what they are doing and have your back.
In the last few months, we’ve heard of numerous firms suffering cyber attacks or cyber incidents and having excessive down time of their systems. In a couple of cases these cyber attacks were the direct result of their existing IT services or IT support provider being hacked and then using their systems to hack these firms. This is gross negligence.
By now you should be are aware of the Microsoft Exchange software bug announced beginning of March 2021. This software bug allowed hackers and nation state actors to break into your email server needing no usernames and passwords. They would then leave behind a tool that allowed them access to your professional services firms email system at will. This tool then allowed them to gain a foothold inside your firm, from which to further compromise other systems inside your firm.
If you were one of the victims whose email server and existing systems have been compromised from this software bug and you then made a claim with your cyber liability insurance provider, you may find your claim refused. Naturally, I can’t think of anything worse than thinking you were covered by an insurance policy and then being told no.
Think of it like this, when you buy a car you get a warranty however if you don’t keep up the servicing of that car at regular intervals or you install a modification to the car it can void the warranty and the car manufacturer can refuse your claim.
Obviously, with cyber liability insurance, this is caused by the following factors.
If you buy a computer but don’t do any maintenance to that item e.g. don’t install software updates or let the computer be old enough to not be able to obtain software updates, then you’re leaving yourself open to being refused a claim by your insurance provider.
Other things that may lead to your claim being refused can include;
- Failure to ensure employees, contractors and suppliers are aware of security issues and how their behaviour can affect the firm and client or customer data.
- Failure to maintain a security regime and ensure security controls are current and consistent with best practice.
- Failure to disclose pre-existing risks that may have been discovered in penetration tests or vulnerability assessments that have not been rectified.
- Incorrect or deliberately false information supplied to the insurance provider on the questionnaire form sent out when obtaining a cyber liability insurance quote.
So how do you protect yourself against your claim being refused and ensure your professional services firm survives a cyber-attack?
You want to invest in your IT and Cyber security protections just as you would invest in the stock market or property. I know it’s tempting to not do this because of the cost. One thing you may not be aware of is the return on investment in your professional services firm can produce 200% to 300%. A really good return on investment in the stock market is between 6% and 8% per annum. It goes without saying that the investment in your professional services firm is the winning strategy.
Obviously, you want to partner with an IT Services or IT Support company with extensive cyber security experience that implements on going cyber security services to monitor the security of your professional services firm’s IT systems 24x7x365. This must be a multi layered approach across all your IT systems either in house, in the cloud and hybrid systems. The service must also have guaranteed response times and you must know how long the data is going to be retained for.
You naturally, want this cyber security, IT services or IT support company to practice what they preach. This way you can ensure you will not fall victim to a cyber-attack due to their gross negligence. I can’t think of anything worse than having your professional services firm destroyed by someone else’s gross negligence.
It goes without saying, you want to combine the above with a rock-solid cyber liability insurance policy. Naturally, by working with an IT support company who has extensive cyber security experience, they will be able to easily answer the multitude of difficult questions that the insurance providers ask on the cyber liability insurance quote form. They will also be able to answer these truthfully and correctly. This will then ensure you have a greater chance of success in making a claim on your cyber liability insurance policy when you need to.
Combine robust cyber security solutions with a robust cyber liability insurance and secure the future of your professional services firm today. Book a discovery call today to let us show you
- How we deliver you enhanced peace of mind.
- How we can increase your team’s productivity.
- How to ensure you do not suffer the devastating consequences of a cyber-attack and we guarantee it.
- How to be a hero to your clients.
- How to get that return on investment you deserve from your professional services firm.