valpolife-logo2

Living in the Smart Ages Calls For the Smartest Security

By: Brittany Mikolajczyk Last Updated: October 25, 2021

We are now in a totally digital age. We have the ability to purchase goods with our watches or with a simple click of a button on our phones without ever taking out our wallets. Students are learning from reading and testing mostly via screens, and many employees are able to work remotely from their houses or favorite coffee shops. These are the times of the future. However, with all the benefits of the internet and the figurative world at our fingertips, the risk of giving hackers our information is an enormous threat. It’s not a matter of if we’ll get hacked, but when.

This topic is so important, that for the last 18 years, the US government has seen fit to name October ‘Cybersecurity Awareness Month.’

There’s been over a 435% increase in cyber attacks since 2019. The estimated loss for the last five years has been more than 13.3 billion dollars. These numbers are skewed because cybersecurity breaches have been notoriously unreported.

“When businesses get hacked, they don’t necessarily want others to know they got hacked. So what often happens is they’ll pay the ransom and only let the required people know what happened,” General Insurance Services’ Cyber Risk Advisor, Scott Templin said.

Templin’s sole position is to help clients understand cybersecurity and the measures that need to be taken for protection. He explains that cybersecurity has previously been thought of as an IT department problem, but that’s not the mentality people should have, especially not the mentality business owners should have.  

A business may think paying the ransom at least ends the issue and then they’ll make a few adjustments and no longer need to worry. However, this is not a great solution, and it’s certainly not an end to the problem.

“What’s scary about this is if you’ve been hit once by a hack, there’s a 50% chance you're going to get hacked again. The vast majority of these breaches are coming from social engineering, which is when somebody clicks on a bad link in an email or something like that. It’s an employee mistake, essentially. The IT department can only do so much to prevent an employee from clicking on a bad link,” said Templin.

Looking at the potential hazards proactively is key to preventing huge losses for companies.

“So when we’re looking at how to protect a business, we at General Insurance Services' focus on having a holistic risk approach. The idea is that the owners or leaders of the business should be the ones who are buying into their cyber risk management,” Templin said.

In the past, many individuals and businesses thought of cybersecurity as just the act of installing antivirus software or purchasing cyber liability insurance. These seemingly simple steps for protection are no longer keeping people safe. Cyber liability insurance policies were previously inexpensive.

“People would buy them, rather than spend money on improving their security. It was cheaper to say ‘well let's just pay for the insurance rather than put in the work to protect ourselves because then insurance will cover us.' But then the claims started to really pile up. So insurance carriers are now forced to either greatly increase the costs or they need to start putting in extra measures to make sure people are taking the risks seriously. Also, if an employee clicks a bad link in an email and the computer is then hacked, a lot of cyber liability policies will only cover a small fraction of that breach,” said Templin.

“So the question is now, how do we improve? How do we get better? We partnered up with Lachesis because we realize businesses first need to do a true assessment of where the problems are before they make any decisions,” Templin said.

The time to have a business review done is now, as potential threats happen every minute.

“The review is no longer something that’s just nice to have, it is now a necessity if a business wants to survive. Something like 30% of small businesses that get a ransomware attack go out of business immediately after, and up to 50% of those will be out of business within two years. Maybe that didn’t happen right away, but the hit was so big that eventually it took its toll,” said Templin.

There are always risks with running a business, but in today’s smart world, the risk management needs to be smart as well. That means not solely thinking of it as an IT problem.

“What we suggest here at GIS is to do the assessment with the understanding that cybersecurity is a business problem and not a technical one. By marrying the business review and the threat assessment, we’re able to put together a report that tells a business where their vulnerabilities lie. So an owner is able to look at the review and see how much money a hack is potentially going to cost the business. Then they can make informed decisions,” said Templin.

Services from GIS and Lachesis means more peace of mind in that companies will have a better understanding of how to keep hackers out of their business.

“What we offer is a year-long program where we meet each month to go over new things that were found and discuss what should be changed. The end goal is like this: we started at point A and we’re not doing well, and by the end of the year we’re hoping that we’ve improved significantly. Unfortunately, a lot of people that I work with are working with me because something’s already happened, and I would really like that mentality to change so that I am working with businesses who we can protect from the beginning,” said Templin.

Running a business in this day and age means a shift in our business mentality. There is hope that we will get there and see less disruption to our day to day business with the help of services from professionals like General Insurance Services and their partners at Lachesis.

For more information onGeneral Insurance Services, visit https://genins.com/.