Testimonials

  • I didn't realise my motorcycle had to be restricted so I did not ride it and got it restricted as the certificate shows. It was done today. My other insurance…
Read More

Cyber Insurance

Cyber incidents are on the rise, H&R Insurance is witnessing a dramatic increase in cyber claims in Scotland and within our Aberdeen client base. Claims rose by 100% between 2018 and 2019. Typical cyber incidents range from email phishing, to ransomware attacks, and business email compromise incidents. In fact, according to the Allianz risk barometer, which was produced prior to COVID-19, cyber incidents were ranked as the top peril for companies large and small, no business is immune from attack. Fortunately, you can protect your company from the risk of cyber-attacks by taking advice from local IT specialists as well as purchasing a cyber insurance policy.

Read on for details of typical insurance cover H&R Insurance can provide advice on, as well as guidance surrounding the minimum-security standards which companies need to adhere to.

What information do I need to provide for a quote?

If you would like to obtain a quotation for Cyber insurance then please refer to the example proposal form linked below as this document shows the information an insurer typically requires in order to produce a quotation.

Please contact us if you have any questions regarding the information required and we will be happy to assist.

What could Cyber insurance policies cover?

First Party (Your Protection):

  • Cyber Response
    Reasonable and necessary costs for the services of the Breach Response Provider following an actual or suspected Cyber Event, Cyber Extortion or Data Breach. Making necessary and reasonable recommendation as to how the cause might be terminated or mitigated.
  • Cyber Restoration
    Replace, restore, or repair Data and Software that has been lost or damaged.
  • Cyber Expense
    The collection of information and notification to Data Subjects and / or the Supervisory Authority of an alleged or actual breach of Data Protection Legislation. The purchase of identity and credit theft insurance. An expert to provide advice to minimise adverse publicity.
  • Court Attendance Costs
    Compensation for attending court as a witness in connection with a claim against you.
  • Cyber Extortion
    The value of any ransom paid by you or on your behalf for the purpose of terminating the Cyber Extortion.
  • Business Interruption
    Due to a cyber event, cyber events are excluded in standard Commercial Combined policies.
  • Cyber Crime
    Electronic funds transfer as a result of a fraudulent written, electronic or telephone instruction designed to mislead you and or your employees.

Third Party Claims:

  • Cyber Liability
    In the event that a 3rd party brings a claim against you this will pay for any Damage Awards, Regulatory Awards and Defense Costs for an actual or alleged Data Breach.
  • Network Security Liability
    Pay for the Damage Awards and Defense Costs arising from a cyber event which results in damage / destruction / alternation of / unauthorised access to or disclosure of Data shared on a 3rd party Computer System.
  • Media Liability
    over for Defamation including libel and slander. Misappropriation of any name or likeness for commercial advantage.
  • Payment Card Industry Liability
    Cover if a Payment Service Provider brings a claim against you for an actual or alleged breach of any contractual duty under a payment card processing agreement, including contractual fines or penalties due to non-compliance with PCI data security standards.


What are the minimum levels of security needed?

Employees Using Their Own Personal Computer Equipment to Work Remotely – Employers must ensure they make reasonable precautions to ensure Employee personal computer equipment delivers the same level of virus protection as the Company.

Remote Working Employees – Employees who are connecting to company IT systems should do so by using secure, remote access channels e.g. VPN or a SaaS resources (such as Office 365). Speak to your IT provider to arrange setting up secure remote access channels.

Information Security Policy – Ensure your policy is up-to-date and relevant for your own business situations.

Password Protocol / Two Factor Authentication – Ensure passwords are complex and require regular changes, enable Two Factor Authentication. Speak to your IT provider to set up Two Factor Authentication.

Bank Account Changes – it is very important that any changes to supplier or client bank details are verified over the phone, using the contact details you hold on file for the Company before any changes are made.

Virus Protection – Virus protection software needs to be installed on all PC’s, including laptops, on a subscribed service. Free virus protection software does not offer enough virus protection. Virus Protection software needs to be updated frequently, at least once a month. An insurer will ask for evidence of your virus protection software subscription, if you cannot provide this information, it may jeopardise your claim.

Firewalls - Make sure all internet and external access points to your network are secured by firewall(s). Ensure all non-active ports are disabled. Firewalls need to be maintained by your IT provider and updated regularly. If you are unsure when your firewall was last updated, or unsure if your non-active ports are disabled, speak to your IT provider. An insurer will ask for evidence when your firewall was last updated. If you cannot provide this information, it may jeopardise your claim.

Operating System Updates – Operating system updates need to be downloaded and applied to all computers, including servers, as and when they become available, and at least once a month. An insurer will ask for evidence of updates being applied, if you cannot provide this information, it may jeopardize your claim.

Payment Controls – Consider reviewing the payment limit that a single employee can authorise on their own.

Employee Training – Make sure you undertake Employee Cyber education and training with all Employees, and they are aware of the dangers of social engineering fraud.

Backups – Backups must be performed at least every 7 days and cover all your business-critical data. Backups must be disconnected from your network. This process is described as having ‘air’ between the backed-up data and the actual data. Back-up data should be integrity tested. If you are unsure about any area of you back-up routine, speak to your IT provider. In the event of a cyber-attack your IT provider will require your backup data to reinstate your data. If there is an issue with the backup data, an insurer will ask for evidence that backups were being routinely carried out. Failure to provide this evidence may jeopardise your claim.



Case Studies

Client A – Email Account Hack
Unknown to our client, one of their supplier’s email accounts had been hacked and email traffic from their supplier was being monitored. The hacker had taken control of the supplier’s email account and was selectively deciding which emails to let through and which emails to delete.

Every month our client received an invoice from their supplier. However, this month the supplier issued the invoice as normal and asked for the invoice to be paid into an alternative bank account. Our client queried the request with the supplier, and they responded that this was correct. Little did our client know that the hacker was responding and not the supplier. Our client paid the invoice into the new bank account details.

Unfortunately, the fraud wasn’t discovered until the supplier chased our client for non-payment of the invoice, at that point the fraud was uncovered. The client has taken legal advice on the matter, legally the invoice remains unpaid so our client is legally required to pay the invoice again, even though it was proven that the supplier’s email account was the source of the attack.

Client B – Ransomware Attack
Our client was the victim of a ransomware attack. It is thought the malicious code infected the company network via an employee clicking on a compromised email attachment. Once the code was deployed it quickly spread throughout the whole organisation, taking down every computer and server which was connected to the network. Our client acted quickly; their own IT company was on hand to help them gain control of their network again. This process took their IT supplier many additional man hours, these additional man hours would later be claimed back from their Cyber Insurance policy. Their cyber insurance policy also enabled expert remote assistance to the local IT firm to tackle and combat the ransomware attack.

Client C - Email Phishing
An Accounts Manager at a local company received a phishing email from a Hacker. After a full investigation it was determined that there had been no security breach but was a result of an opportunistic hacker trying to see if the person would respond to the email.

The company’s IT provider told them it was likely the hacker used Linkedin to understand the company structure, and to get the appropriate email addresses.

The hacker found out who the business owner was and then worked out who the Accounts Manager was. Once they had this information, they created a reasonable email ‘from’ the business owner to the Account Manager to ask, ‘What is the cleared balance in the bank as at close of business yesterday?’ Thankfully, the phishing email attempt was picked up by the Accounts Manager and they did not respond to the email.

It has provided an important lesson to the company and provided a training opportunity to reiterate to everyone to be aware of what comes in via email, as not everything is as it seems.


Why not give us a call?

01224 848111

This email address is being protected from spambots. You need JavaScript enabled to view it.

Monday to Friday
9.00am - 5.00pm

Saturday & Sunday
Closed