FALL/WINTER 2017-2018 | BWD 11
Will your cyber insurance cover you if you don’t
Cyber threats have become a critical concern for
the country’s 28 million small businesses, with
the Justice Department recording nearly 300,000
cybersecurity complaints in 2016 alone. Sixty percent
of companies fail after a cyberattack due to the costs
of the attack itself: legal, identity protection, lost time,
lost data, lost clients and confidence.
keep your system in shape? Not necessarily. Valley
Techlogic, Inc. found a cyber insurance policy exclusion
that refuses coverage for events “arising out of or
resulting from the failure to, within a reasonable period
of time, install customary software product updates
and releases, or apply customary security-related
software patches, to computers and other components
of computer systems.” Check your policy, and your
practices, to ensure your coverage is intact.
Patches strengthen your system
One of the most powerful and basic IT system maintenance
tools you can use to keep hackers out is the “patch.” Patching
can prevent hackers from getting into your system and
compromising or even destroying your business. Every program
you use, app you install and system you run is dependent
upon good computer code. While code is not always perfect,
every application regularly issues patches to fix defects in the
programming.
But let’s face it, with hundreds of pieces of software to manage,
a help desk to run and all of the other responsibilities tasked
to your IT department, downloading and installing patches is
rarely a top priority.
It’s time to move patches to the top of the list. Here’s why:
Even after the patches were made available, many companies failed
to implement them quickly enough — leaving them susceptible to
WannaCry in May and the Petya ransomware in June. These attacks
affected businesses such as FedEx, Mondelez International, Inc. and
many others. Mondelez International, for example, said the cyberattack
reduced their quarterly growth rate by three percent resulting in a drop
in their share price.
While Rehmann can help you respond to and recover from a hack, why
not be prepared and keep a patch kit handy in the event of emergency?
Your kit should include tools to help you track available patches for your
system, a patch implementation plan and a broom to sweep out any
obsolete equipment or software.
To learn more about Rehmann’s patch kit, visit us at
www.rehmann.com/patch-kit.
Not patching is expensive
The recent Equifax hack was possible because Equifax did not
patch its systems. We do not know what the financial costs of
this will be. But do you remember the WannaCry ransomware
attack? Thousands of companies worldwide lost up to $4 billion
when hackers used stolen National Security Agency (NSA)
tools to cause havoc. Sadly, WannaCry was successful because
businesses failed to install widely available patches to prevent
it. When hackers stole the NSA hacking tools in 2017 and
made them available to other cybercriminals around the globe,
programmers at Microsoft released patches in March to prevent
it from harming computers.
REHMANN CAN HELP:
1 Define your patch system
2 Provide vulnerability scans to assess where
patches are missing
3 Perform malware scans to ensure hackers
are not already in your system
References: http://www.propertycasualty360.com/2017/07/27/us-house-talks-cyber-insurance-threats-and-busines?slreturn=1501615119; http://www.valleytechlogic.com/2017/06/dirty-loophole-lets-insurance-companies-refuse-cover-cybercrime-theft-business/;
http://www.cbsnews.com/news/wannacry-ransomware-attacks-wannacry-virus-losses/