As our reliance on the digital world increases it is no real wonder that cybercrime is on the increase, and this has been clearly evident in the last few years.
For the opportunistic cybercriminal, it’s been a good time to commit cybercrime, as the pandemic forced us to move away from our usual routines and reliable systems, leaving an exploitable gap in our security as we quickly adapted to new ways of working.
Between April and June 2021, the ICO reported that there were 2552 data security incidents in the UK with 688 of those related to a cybercrime. The healthcare sector was one of the most affected with 607 data security incidents in total – 108 a direct result of a cyberattack. (More on types of cyber-attack below).
The most common attack occurred through email or social media, and accounted for 53% of all attacks on businesses, leading to substantial multi-million pound losses. Healthcare, financial institutions, manufacturing, real estate, and education were the most targeted industries.
Whether a big or small-scale event, a cyber-attack is likely to have serious consequences for any business – shutting systems, deleting data, preventing data access or stopping them from trading altogether. Dealing with the fall out of a cyber-attack can be complicated and stressful, not to mention time-consuming and potentially expensive.
Types of Cyber-attack
Cyber-attacks can take many forms, all engineered to get the victim to disclose information or take action, or to infect systems with malicious software. Phishing, malware attacks and ransomware pose a threat to all businesses.
It’s common to think that cyber threats against businesses come from unrelated hackers, cyber-attacks or ransomware and are big events, but sometimes they can be more subtle and come from sources a little closer to home. The four categories that cyber threats against a business typically originate from are insider threats, human error or negligence, external threats and third-party threats.
Wherever the threat originates the bottom line is how you to respond. Have you thought about how you would continue to run your care home if you lost access to all your data? You could lose access to client records and supplier data, order information, diary appointments, financial data, your website and more. If you are held to ransom for access to patient files, the financial consequences could be significant.
Additionally, you may be affected by reputational damage, which could affect existing relationships and damage future prosperity. You may need to rebuild and replace lost systems or create a new website. And, if a data breach occurred you are likely to face significant fines from the Information Commissioner’s Office.
All of the above will require money, time and resources and need to be addressed in a timely manner to help you retain customers, employees, your reputation and may ultimately affect the future of your care facility.
Having a comprehensive contingency and business interruption plan in place along with adequate insurance will help you to address and quickly overcome any fallout from a cyber-attack. A robust plan is vital to make sure you meet your legal obligations regarding data breaches and to reassure your customers.
The benefits of cyber insurance
Cyber insurance is a must for any care home business because it provides you with protection and peace of mind, should the worst happen. It will help against denial of service, which may occur with ransomware, the recovery from computer virus damage, which may have resulted in a significant loss of data, and other data breaches such as the loss of a memory stick or laptop.
Getting assistance quickly and from reputable, knowledgeable and reliable sources will be key in ensuring your business can continue to operate with minimal disruption.
If your care home holds data on a computer system, even with anti-virus software in place, you can still be vulnerable to a breach. Cyber insurance is relatively inexpensive and will provide you and your business with complete reassurance in the face of a data breach crisis. Every business is different and will have specific needs, so make sure you get advice for your unique situation and requirements. Don’t wait until you have experienced a cyber-attack to put measures in place, be proactive and help protect your care facility now.
For information on Cyber Liability Insurance please speak to Barnes Commercial on 01480 272727 or visit their website www.barnesinsurancebroker.co.uk