The Insurance Bureau of Canada (IBC) is recognizing Cyber Security Month by providing a number of resources to individuals and businesses to help keep themselves cyber-safe. The COVID-19 pandemic has resulted in an increase in cyber-attacks, as more and more business is being conducted online while people do their best to stay home and away from others. This has resulted in increased opportunities for cyber criminals. As such, cyber security is more important than ever, and it’s always good to remind yourself of the risks.
Most people think they are fairly aware of how to avoid being hacked, however you should be constantly reviewing what you already know, learning about new trends, and testing yourself on your knowledge. To get started and discover what level of cyber security you are really at, try these following links:
- Take the IBC’s Small Business Cyber Security Survey.
- Watch the importance of Cyber Insurance During COVID-19.
- Read how to protect your business from cyber crime.
Cyber insurance provides added security
More than half of businesses (52%) do not carry cyber insurance, which can seem a grave oversight when 40% of businesses eventually become the target of a cyber-attack. Seventy-five percent of businesses use a website to help run their affairs, which also store significant amounts of sensitive digital information. Customer relationship management software is also susceptible to nefarious attacks.
Along with practicing cyber security methods at all times, cyber insurance is one of your best defenses against hackers. Policies can be configured to cover you for losses and liabilities resulting from:
- Privacy breaches (first-party and third-party)
- Computer hacking
- Identity theft
- Phishing scams
- Internet extortion
- Breaches of cyber security
- Distributed denial of service (DDoS) attacks
Additionally, cyber insurance coverage can protect you from infringement claims related to intellectual property, as well as provide financial safeguards for sensitive data and information stored in computing clouds. You can also opt in for protections that cover the cost of investigations, errors and omissions, breaches of regulatory and compliance policies, court costs, and the costs associated with crisis communications.
Common scams perpetrated by cyber criminals
Island hopping is when a hacker will try to gain access to a large organization by infiltrating their smaller clients and partners. You may not be able to question all of your customers, but you can ask other organizations you work closely with if they have implemented any cyber security protocols. If they haven’t, it’s a good sign that they may not be your best choice of partner.
Credential stuffing happens when attackers gain lists of user sign-ins and passwords, which they can then use to gain access to systems. Advise your employees to keep their passwords long and strong and to never store them on computers or in browsers. Password managers work great. They generate hard to crack passwords, and all you have to do is remember your master password. KeePass2 is a very good option, and is free to download. Enabling two-factor authentication through account providers who offer it (like Google, Facebook, LinkedIn and Instagram) makes it even harder for hackers. This requires users to enter their password as usual, and then they are asked for a second authentication key.
Cyber security also involves being hyper aware of phishing scams. An email appears to come from a trusted source, such as from someone within your organization, but when you click on a link or open an attachment it invites malware to be downloaded on to your computer. Check closely where unexpected emails are coming from. Often hackers will use an email address that looks familiar, but there will be a spelling error or slight difference to let you know the message is not legitimate. Hover over links, too, to ensure they are going where they say they are going. If you are still unsure, phone the purported sender directly to ask if they did, indeed, send you a message.
More tips for keeping your information safe
- Keep all of your computers and software up to date. Updates are consistently provided for operating systems to fix areas of vulnerabilities, and it’s up to users to keep up.
- Try not to use unsecured networks, but if you have to, do not sign in to any accounts that hold private information you would not like shared, such as banking websites, social media accounts, and your email.
- Be suspicious. If you are ever contacted by phone, email or text by an individual or organization asking for information that they should already know (good examples are a fake Canada Revenue Agency asking for your social insurance number, or your “bank” asking for your account number), just delete the email or text. If they really need to get a hold of you, they will.
- Do not pick up and plug in found “lost” USB keys or flash drives. It’s tempting to try to find out what’s on them, but a usual scam is to load a drive with malware that attacks your computer the second you plug it in.
- Lock your screens and secure your devices when they are not in use. You never know what might be seen on your monitor, and someone could access your personal information easily.
- Shut computers down at night to keep your network more secure, and also help save on your energy bills.
- Back up your data on an external drive or in a cloud to ensure you still have all your work should something unfortunate happen.
Protect yourself with the help of Lane’s Insurance
If you’re doing business in the digital age, you should consider cyber insurance to be one of the fundamental and essential forms of protection on the market.
The caring, knowledgeable insurance brokers at Lane’s Insurance are here to help protect you and your business or organization from cyber criminals. If you have questions about cyber insurance, contact us at our Calgary, Edmonton, Banff or greater Alberta offices to see what we can do for you.