At a glance
- Many firms are failing to properly update their insurance covers to keep pace with new risks
- Despite their advantages, cloud computing, mobile working and social media all bring with them added dangers
- Zurich’s insurance covers, as well as their expertise, can help firms minimise these threats
This article counts towards accumulating your annual CII CPD structured learning hours for Emerging Risks.
By reading this article, and correctly answering the three questions underneath, you will have achieved the following learning outcome: Identify the insurance implications of different emerging risks.
Visit the CPD Hub to log in and begin accumulating CPD hours.
The speed at which technology has evolved over the last few years has left many companies struggling to keep pace with emerging new risks.
Technology continues to change the business landscape and, as a result, emerging technology risks have made companies more vulnerable than ever – with some firms failing to properly update insurance covers, leading to inadequate and insufficient protection.
How your customers can combat the risks
SMEs need to be online to survive in this ever-changing marketplace, but there is a lot they can do to mitigate the risks they face.
Good risk management practices are something your customers should explore in depth, but there are certain steps, which they can take in order to minimise their exposure.
- Implement a formal process to update software, firewalls and antivirus programs
- Ensure that personal information on the network is segregated, meaning that a single breach will reveal all of an individual’s personal details
- Use encryption to ensure that sensitive personal data is kept confidential on mobile devices
- Have a comprehensive set of operation and procedural guidelines to support security policies
- Have a clear crisis management plan, which can be put in place as soon as a security breach has occurred. The first 24 hours of a security breach is usually the most critical phase of the investigation process
- Ensure that appropriate insurance is put in place to cover not only the financial exposures but also to ensure access to expertise in the various disciplines required in order to handle the situation effectively and swiftly
SMEs can get risk management information, guidance and advice from brokers and insurers as well as government sources and the industry bodies that represent them.
According to a report commissioned by Zurich, companies still underestimate the threat of many emerging technologies such as cloud computing and social media.
And with the rise of mobile working and workers using their own personal devices, such as smartphones, to connect to company networks, the potential for data breaches and reputational damage has increased dramatically as files are able to be accessed anywhere and at any time.
This ‘bring your own device’ culture is more prevalent among SMEs, but all companies need to be aware of these threats.
“There are many advantages to your workforce bringing their own devices, such as creating flexibility and cost savings,” said Russell Corbould-Warren, Head of SME Underwriting at Zurich. “But the question is how do you contain it? The main problem is these devices can essentially provide an avenue into secure company networks and all the resources that are on them.
“For SMEs, it all comes down to risk management and mitigating the risk as early as possible.”
Many firms, though, still do not believe that they will be victims of an attack but with the world becoming ever more connected, the potential insurance risks are also on the increase.
Ease of access – even for criminals
“Until someone experiences some kind of data loss or cyber attack situation, it is not top of their mind or a detriment to day-to-day business decisions,” said Jay Epton, Director of SMB at Symantec, a provider of security solutions, in the Zurich-commissioned report.
And should a breach or unauthorised access occur, firms are then exposed to breaches of privacy accusations, legal liability, confidential leaks, and brand and reputational damage.
It also has the potential to damage business partners as well.
“What we’ve found is that some cyber criminals are actually targeting smaller firms with the sole aim of going ‘up the line’ to bigger businesses,” said Russell at Zurich. “Some company networks may provide access to third parties, such as supply chains firms, and this could have devastating consequences for both you and them.”
Mobile working is, of course, not the only technological threat facing companies today with web-based data storage opening up new business opportunities as well as risks, and social media networks holding the potential to cause untold PR damage.
Although technology will no doubt become an increasing area of risk to business in years to come, there is still plenty of time to ensure that your customers have the right coverage and protection in place to insure against such an occurrence.