There have been many high-profile cyber breaches in recent years which demonstrate the need for businesses to place a strong focus on cyber security. And as we’ve said before, it’s vital that SME’s don’t make the mistake of thinking cyber-criminals target only big corporations just because these types of attack hit the headlines. If anything, it is the reverse, with SMEs more vulnerable to attack than large corporations. For example, recent Aviva data showed that 46% of SME’s had suffered at least 1 cyber breach or attack in the last year.
Sadly, it seems this trend of increasing cybercrime is one that is only continuing. Some areas to look out for when it comes to cyber security in 2021 include:
- Cyber criminals continued exploitation of the COVID-19 pandemic
- Continued use of ransomware attacks
- Looking for vulnerabilities in the supply chain
Continued exploitation of the COVID-19 pandemic
Initially the COVID-19 pandemic saw cyber-attacks target people’s concerns and fears about the pandemic. It saw a wide range of attacks launched from areas such as
- fraudulent sales of PPE or face masks
- phishing emails impersonating organisations such as HMRC, the World Health Organisation or banks spreading misinformation or encouraging people to reveal sensitive or personal information.
- Cyber criminals also sort to capitalise on the huge shift to home working which was done at speed and saw businesses quickly switch to remote working and video conferencing solutions
As the course of the pandemic changes, so too does the behaviour of cyber criminals. It is likely that we will see more attacks linked to the vaccination process now and in the coming months.
Whether this is the spreading of misinformation about the vaccine, or phishing emails linked to the vaccine. Many have already been reported – with fake text messages and emails being sent about the vaccine in a bid to obtain individuals bank details. As well as more recent reports of similar attacks being used to spread malware and ransomware.
As individuals it’s important to be aware of these scams but it is also important as a business owner or manager too. Human error plays a significant role in a cyber breach so educating your staff about these types of attack and what to look out for or question will be key to cyber security at this time.
The National Cyber Security Centre has a Coronavirus hub which provides valuable information and news alerts around Coronavirus related cyber security concerns.
Ransomware Attacks
Ransomware attacks have been increasing in frequency for a number of years now. And it is likely this will continue to be a common attack used by cyber criminals as we enter 2021.
Ransomware is defined as ‘a type of malicious software designed to block access to a computer system until a sum of money is paid.’
There is concern in particular that the health sector could be particularly vulnerable to ransomware attacks in 2021 due in part to the Coronavirus vaccine rollout
Securing your supply chain
Whilst you may be knowledgeable about your business, your IT systems and your cyber security policies and procedures, can you say the same for members of your supply chain?
It is thought that when it comes to cyber security in 2021 we could see cyber criminals targeting wider members of a large organisations supply chain who they see as ‘weaker links’ in a bid to find ways into a business with stronger cyber defences.
Supply chain management will become a prominent feature of the way you manage your cyber risk.
The importance of Cyber Insurance
Figures suggest that as a business you are more than 750 times more likely to suffer cybercrime than you are to suffer a fire or theft at your business premises. Yet data from the ABI shows that a significant number of businesses do not protect themselves by taking out cyber insurance.
If this is true of your business, then 2021 is the time to focus on the risk cybercrime could present and make sure that you have adequate cover in place to protect your business.
It may be beneficial to consider the following areas:
Run a risk assessment
This will allow you to understand your business vulnerabilities when it comes to your IT systems
Assess the potential operating and financial impact of a cyber breach to your business
For example, if personal data was stolen how would you communicate this to customers and could this lead to lost business? How much could it cost to repair damage to your systems caused by hackers? What would you do if you suffered a ransomware attack and were subject to extortion?
Take steps to improve your cyber security
This cyber security guide for small business is a useful resource from the National Cyber Security Centre (NCSC)
Consider a stand-alone Cyber insurance policy
If you are unclear about cyber insurance and what/how much cover you need, working with an experienced insurance broker is likely to be your best option.
Ensure that you make conscious buying decisions when it comes to your insurance – not investing in cyber insurance because you lack knowledge of the product or what it can offer isn’t the right path. Do your research, work with a broker and actively decide whether or not cyber insurance is right for your business.
Cybercrime isn’t going away so we would strongly recommend that businesses of all sizes take steps to protect themselves against this risk and invest in cyber insurance. The coverage can be far reaching and provide a valuable safety net if your business is the victim of a cyber-attack. At Anthony Jones, we have experts who can help you to understand your risks when it comes to cybercrime and who can provide advice on the right level of cyber insurance to protect your business. Get in touch with us today on 0208 290 9080 or email us at cyber@anthonyjones.com.