Human error driving cyber claims
Our data reveals that approximately three quarters of cyber claims notified in 2018 involved some kind of easily-preventable human error.
Theft of funds, ransomware, extortion and non-malicious data breaches usually start with a human error or oversight such as clicking on a phishing link or not following up a wire transfer request with a phone call.
“The material impact of a cyber event is real and it is becoming increasingly clear that many events could be prevented through basic employee awareness programs on topics ranging from phishing scams to the importance of password complexity. Unfortunately, unless businesses start taking note of these increasingly prevalent incidents, the problem will only become more widespread. Cyber risk and security should be top of mind for business leaders,” says James Burns, cyber product leader at CFC.
The material impact of a cyber event is real and it is becoming increasingly clear that many events could be prevented through basic employee awareness programs. James Burns, Cyber Product Leader, CFC Underwriting
However, he goes on to say that the responsibility doesn’t just lie with businesses.
“Cyber insurance is about more than just affirmative cover, so cyber insurance providers should be offering comprehensive risk management solutions that include things like cybersecurity training for employees. Small businesses, in particular, might not always have the time or resources required to seek out access to these vital tools, so a cyber insurance policy that can provide this is incredibly valuable. Along with other monitoring and preparedness tools, cyber education services help keep events from occurring in the first place and ensure businesses are better able to respond and recover if it does.”
CFC regularly invests in its cyber infrastructure and offers comprehensive risk management services in conjunction with specialist partners like CyberRiskAware, Bitsight, RepKnight and others. Included at no additional cost with every cyber policy, CFC’s risk management services are designed to help businesses, particularly SMEs, proactively monitor and understand their cyber risk posture, educate and train their employees, and prepare for a potential cyber event should crisis strike.
Want to learn more about cyber claims trends? Check out Top findings from our 2018 claims data and UK businesses prime target for funds transfer fraud.