Aviva calls on brokers to play key role in protecting clients from cyber risk
Aviva has urged brokers to help educate customers on how to improve resilience and ensure they have taken reasonable steps to protect themselves following alerts from government agencies that the commercial world faces an increasing risk of an online attack.
Last month the National Cyber Security Centre asked organisations in the UK to bolster their online defences in light of recent viruses and hacking against Ukrainian organisations.
According to the insurer, most cyber-attacks are not specifically targeted and therefore all businesses are at risk – regardless of shape, size or sector. Aviva cited research showing that 91% of UK companies asked had at least one successful email-based attack in 2021.
Brokers, the provider argued, can play a key role in helping make their business customers aware of how they can protect themselves.
It noted that implementing some basic protective actions (see box) will not only help protect the business from falling victim to a cyber-attack, but it will also ensure they continue to receive all the benefits of their policy.
Cyber controls
Implementing basic cyber controls can dramatically reduce the likelihood of an organisation becoming a victim of a cyber-attack, Aviva has listed. It noted that the US Cyber and Security Infrastructure Agency states that something as basic as implementing multi-factor authentication – where a successful login requires two separate identity checks – can reduce the chances of a cyber-attack by 99%.
Basic protective actions:
- ensuring any access and passwords are personalised and stored securely, and not relying on manufacturer settings;
- back up all data offline regularly – at least once a week, preferably more frequently;
- ensure personal data is stored safely and securely;
- install any software or firmware updates within 14 days of release;
- ensure firewall and virus protection software is installed, active and updated according to the software provider’s instructions
- small businesses that rely on outsourced service providers should have a back-up plan in place in case they become the victim of a cyber attack
Cyber a top-10 business risk
Aviva’s Risk Insights Report published last year detailed that a cyber-attack is the eighth most significant risk that businesses face.
Across 1,251 senior business leaders from small, mid-market and corporate companies surveyed 62% of businesses who highlighted the risk said they were worried about the threat of a cyber-attack, with 19% saying they were extremely worried.
Businesses said they were most exposed to operational disruption and loss of data because of a cyber-attack, with 37% citing both exposures.
Damage to brand and reputation (31%), loss of customer confidence (17%) and financial impacts (28%) were also seen as significant threats stemming from a cyber-attack.
The report also found that 14% of businesses had been the victim of a cyber-attack in the last 12 months, with 11% suffering a data breach or cyber-attack and 5% suffering extortion, including cyber extortion (predominantly ransomware).
Challenges
Alana Muir, regional cyber underwriting manager at Aviva, said: “Unfortunately, the threat of a cyber-attack continues to grow.
“Businesses were forced to adopt remote working during multiple lockdowns, which stretched networks and exposed business systems to attack. However, as we emerge from one business challenge, we are faced with another due to the conflict in Ukraine.”
Muir acknowledged that it was understandable that many small businesses may not draw a link between the conflict in Ukraine and the increased cyber risk to their own business.
“However, as the National Cyber Security Centre has advised British businesses to improve cyber resilience following the crisis in Ukraine, we wanted to ensure brokers and their customers were aware of the increased risk and could take the necessary steps to protect themselves,” she continued.
Vulnerabilities
“Cyber-attacks tend to exploit a network’s vulnerabilities, and from there they follow an unexpected logic, moving from one business to the next. Once it’s out you cannot control it. For SMEs in particular, cyber attacks can be devastating to the company’s reputation, as well as its bottom line.”
Muir concluded: “We think that brokers, as trusted advisors to their customers’ business, have an important role to play in helping their SME customers identify and prepare against this increased threat.”
For all the latest industry news direct to your inbox, sign up for our daily newsletter.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@insuranceage.co.uk.
You are currently unable to print this content. Please contact info@insuranceage.co.uk to find out more.
You are currently unable to copy this content. Please contact info@insuranceage.co.uk to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@insuranceage.co.uk
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@insuranceage.co.uk