The importance of effective cyber risk management

There is now a greater reliance on digital services for agents, this makes it even more important to review and invest in cybersecurity to manage the risk of potentially disruptive cyber incidents.

39 per cent of UK businesses identified a cyber-attack in the last year according to the UK Government’s Cyber Security Survey 2022, although the report suggests the figure may be even higher as organisations may not be identifying attacks and are therefore under-reporting.

Cyber-attacks are on the rise, but despite this growing risk, less than a quarter (23 per cent) of UK businesses have a formal cybersecurity strategy in place.

In today’s world, no organisation is immune from a cyber-attack or data breach, whether this is due to criminal activity or employee error. From phishing attempts to ransomware, distributed denial of service attacks and malware, businesses face a number of cyber risks.

For any organisation, a cyber incident can be extremely damaging – potentially leading to the loss of data, financial penalties and other costs, as well as reputational damage. One of the biggest impacts on an organisation in the event of a cyber-attack or data breach is business interruption.

Cyber attacks

Effective cyber risk management can help to protect your business and your clients. Attackers will often seek to control computer infrastructure and use it as a platform for carrying out other activities, such as sending spam and phishing emails. They also launch ransomware attacks, locking victims out of their data and demanding a ransom to restore access.

It is important to understand what your cyber vulnerabilities are, and what is required to deal with these vulnerabilities and strengthen your defences. 

Here are some key questions to consider before, during, and after a cyber-attack.

Before

How do you currently understand and manage cyber risk? What are your existing cybersecurity capabilities? 

During

Do you have a tried and tested recovery and continuity plan for cyber incidents that can be immediately activated in the event of an attack or data breach? 

After

If personal data was lost due to a breach, do you have a communication plan in place to notify the affected individuals? This should be done promptly so they can take the necessary safeguarding steps. What can you learn from the incident that can help manage future risk?

Compliance

The National Cyber Security Centre’s tools and services offer a suite of useful information. Do you follow the guide to cyber security?

While it is not currently possible to prevent all cyber-attacks, all the time, having a robust cyber incident management plan can be vital. Even if disruption to services is minimal, if you are found to have failed in your responsibilities to secure personal data, you could be investigated by the Information Commissioner, and fined if found negligent.

How Gallagher can help

The specialist team at Gallagher can help obtain the appropriate cyber insurance for agents. Call 0800 288 4921 to find out more.

Gallagher: insurance

Gallagher are Propertymark's official insurance broking partner, offering up to 20 per cent off professional indemnity insurance for members. If you would like advice on your insurance programme contact the dedicated Gallagher team.