Cyber crime is increasing at an alarming rate globally and is actually the fastest growing crime in the world. This is crime that is targeted at a company’s most valuable assets, data and reputation. What’s more, these crimes are no longer only targeting big businesses, but medium and small ones as well.
Why is cybercrime matching on like this? Several reasons:
With the proliferation of apps, the internet, IoT, AI, social media and more sophisticated methods of harvesting data, businesses are more exposed to criminals than ever. Something that we do as easily as downloading apps on our phones or even hovering over a link on our computers without even clicking can give a hacker access to our systems and therefore our data. A single malicious app can give criminals access to our call logs, galleries, text messages and worst of all, whatsapp messages which we consider very safe.
Criminals are ahead
These people are mostly ahead of their targets. Malware can sit in a victim’s system for months without them ever realizing. That means that the criminals can have a wealth of information about a company, and yet the company knows nothing of these faceless people. Many times companies really can’t deal with that kind of stealth and will only know of a breach after it has happened.
Lack of intelligence in companies
Further to the point above, hackers are mostly ahead of the game in a lot of cases and it is difficult for many companies to keep up with them. By the time a company is dealing with a specific threat, the criminals are already onto the next one. Not many companies can afford the intelligence to foresee these crimes before they hit them.
Keeping systems safe is a very expensive affair. With the rapidly changing nature of cyber crime, a company would have to be continuously purchasing new tools and technologies to keep countering threats. As well as employing or outsourcing different levels of manpower to deal with different threats. In the end, a company could end up having so many tools to fight cyber crime that they overlap each other and even create blindspots for hackers to exploit. There’s no winning here!
Cyber crime is a business
Gone are the days when hackers were young people holed up in their parents’ basements getting into some mischief. Hackers are now organized into full on enterprises that run like any other business complete with price lists, discounts, and occasional sales like new year’s. Hacking is now business and business is good! Breaches are worth very huge amounts of money and these underground economies are able to employ the best and pay them well.
Malware hides better
In earlier days, malware was more identifiable. It came in files like executables so at least there was a fairly clear warning not to click on .exe extensions for example. Now even a PowerPoint presentation or excel sheet can be used to get you. Something as every day as a CV uploaded onto a company’s site by a ‘job seeker’ can contain malware. And HR will click because they probably called out for CVs in the first place. To make matters worse, one person getting breached in an organization can give hackers access to the whole company for further attacks. Employees are not so self aware to avoid pitfalls and we can’t exactly blame them.
Too much gloom right? Truthfully yes. The world is that bad. We’re relying more and more on technology and yet the more we use technology the more exposed we are to massive breaches. And technology is not stopping. Think of Artificial Intelligence and robotics which is where we’re at. Think of Internet of Things and the internet as a whole. Think of social media and how easy it is for someone interested to know what you’re upto – sometimes unknowingly through your own fault in how you share stuff.
Yet, despite the gloomy picture we’ve painted here, and as much as data is the most valuable asset for a company, standard property policies do not cover companies for cyber risks. Well at least until now. In short if a company is breached by cyber criminals, they’re on their own.
AON Kenya yesterday launched a Cyber Enterprise Solutions – an insurance cover that will offer businesses protection against cyber criminals, data loss and possible effects of a breach in their systems. The policy will cover damage as a result of network security breaches, business interruption, cyber terrorism, and expense coverage arising from system failure among other services.
I must say this is a timely product given the direction in which the world is moving, and how vulnerable and helpless many businesses are feeling.