The latest cyber risk causing significant losses to businesses is social engineering.

A social engineering loss is one whereby a party, through the use of deception, manipulates another party into divulging confidential or personal information that may be used for fraudulent purposes.

An example of this is where a company employee is tricked into transferring funds into a fraudster’s account, under direction from what is assumed to be a vendor, client or one of the company’s supervisors. The fraudster will usually send an email claiming to be one of the above-listed people and will then ask the email’s recipient to change banking details where company funds are currently being transferred.

On the surface, these types of fraudulent emails appear to be authentic, with all of the correct company information and logos being displayed. Only careful inspection of the email and the account details listed within the communication will reveal the scam. However, unsuspecting and trusting employees have already unwittingly cost their companies millions of dollars by actioning the instructions of these emails.

Don’t Assume it is Covered by Your Insurance

Contrary to what a lot of business owners think, losses incurred through this particular type of scam aren’t always covered under traditional insurance policies including cyber and crime policies.

There have been a number of cases where Insurers have rejected claims made by businesses that have fallen victim to this particular type of social engineering because the loss did not result from “direct fraud”.

As a general rule, insurance policies providing cover for fraudulent behaviour only apply if a fraudster directly penetrates the company’s systems and illegally accesses the businesses money without consent. However given a social engineering loss occurs with knowledge and consent, albeit via fraudulent methods, insurance policies may contain exclusions in relation to such voluntary parting of funds or property.

Alternatively, they may contain outright social engineering exclusions.

We, therefore, recommend that insureds assume there is no cover unless specifically specified and that you contact Perrymans on 08 8362 7127 to discuss how to protect yourself or your company from this risk.

The post Social Engineering Losses and Insurance appeared first on Perrymans.

No business is immune from of a data breach or cyber attack and the probability of your business being impacted is increasing dramatically. According to PWC’s 2016 Global Economic Crime Survey 65% of Australian businesses responded that they had experienced a cybercrime, having increased from 33% in 2014. The Australian Institute of criminology found that in 2015 the average cost in Australia of a cyber crime was $276,323. Such incidents are increasingly impacting the profitability, competitiveness and reputation of Australian businesses. According to a study by the U.S. National Cyber Security Alliance 60% of small companies are unable to sustain their businesses over 6 months after a cyber attack.

While it is imperative that you consult with your IT provider and implement appropriate security protocols, cyber liability insurance offers an additional layer of protection for your data. Cover extends to a broad range of network, privacy and multimedia related exposures and is an essential component of your business cyber risk management. Some of the key benefits of a Cyber Liability Policy include:

• Business Interruption Loss – Coverage for income loss or loss of profits as a result of interruption to your computer system.
• Data Recovery Expenses – Coverage to recover and/or replace data that is damaged, altered, corrupted, distorted, stolen, misused or destroyed.
• Privacy Regulatory Costs and Penalties – Coverage for defence costs and fines/penalties (where insurable) as a result of a privacy/security breach or breach of privacy regulations.
• Cyber Extortion – Extortion monies and expenses as a result of an extortion threat.
• Liability – Coverage for third party claims arising from transmission of malware, alleged infringement of intellectual property, defamation, invasion of privacy, denial of service and privacy breaches.

In this increasingly hostile environment the two main questions to ask yourself are ‘Could my business continue trading without its IT systems’ and ‘Can I afford to not have cyber insurance to protect my business’?

For more than 40 years Perrymans have been delivering insurance broking services to professionals, business and corporate sectors. Perrymans are specialist insurance brokers for cyber liability and continue to develop a range of innovative, cost effective insurance and risk management solutions that also address market, environmental and regulatory changes.

Contact Perrymans about Cyber Liability insurance today.

The post Cyber Liability: What if you couldn’t access your data tomorrow? appeared first on Perrymans.