With an increased focus on cyberattacks in recent years, companies are stepping up their security game and strengthening their risk management approach – and it’s paying off. While cyber claims are down year-to-date in 2022, and premiums are starting to level off, there’s a major risk that should still be at the forefront of everyone’s security focus: phishing attacks.
Phishing attacks have accounted for more than half of cyber insurance claims this year, and businesses with revenue under $25 million are frequent targets. Cybercriminals often prey on small- and medium-sized organizations, as they may not have the resources to quickly counteract an attack.
Although phishing attacks happen frequently, there are steps you can take to manage your risk and put policies in place to help protect against future attacks.
What is phishing?
Phishing is a type of social engineering attack where scammers use text messages or emails to trick individuals into disclosing personal information, logins, passwords, and more. Once they have the information, they use it to access work accounts, bank accounts, and other personal data. Sometimes they sell the information to other scammers too.
Phishing communications often appear to come from someone you know, like a colleague, friend, company, or vendor. You’ll receive an email or text with a link or an attachment, and once you click the link and enter the requested information, the scammer steals your credentials.
Here are some tips to stay vigilant and recognize phishing scams:
- Hover over (but don’t click) a link in an email to see if the website looks unfamiliar
- If an email is requesting payment or account details, go to the actual website for that company instead of clicking on the link in the email or text
- If you receive a request from a colleague, friend, or family member, reach out to that person through a separate email or text and verify the request
Educate Your Employees on Phishing
No matter how large or small your organization is, you need documented policies and training programs on data and IT security. One phishing incident can cost more than $1,500 per employee, which doesn’t include the cost of reputational damage and the loss of customer trust.
What is the best place to start? Being proactive. Not only do robust data protection policies and training programs strengthen your security position, but they can also help you manage your cyber insurance costs. Insurers want to know that companies take cybersecurity seriously.
Boost your company’s cybersecurity awareness by:
- Creating password requirements
- Requiring the use of multi-factor authentication
- Learning how to recognize phishing attempts or fraudulent requests
- Sending simulated phishing attempts to test employees’ responses to fraudulent emails
- Creating requirements around cybersecurity for remote workers
- Reviewing security procedures and response plans in the event of a breach
Cyber Insurance is an Important Part of Your Risk Management Strategy
Less than 30% of small business owners report having a cyber insurance policy and just over half have implemented cybersecurity training programs for their team. Whether your team has three people or three thousand people, you need to start implementing cybersecurity training and programs to protect your business.
Cyber Insurance is a vital piece of the puzzle when it comes to managing your digital risk. Unfortunately, cybercriminals know that small businesses may have fewer resources and less coverage, which makes them an easier target.
With cyber insurance premiums finding an equilibrium this year, it’s a great time for businesses of all sizes to look at their cyber insurance options. Cyber policies depend heavily on the individual business, the industry, and the type of security protocols in place. Your insurance advisor can walk you through your options and what type of information you’ll need to provide.
The team of insurance experts at eSpecialty Insurance is here to help small, and medium organizations with cyber insurance needs. Get a cyber quote in minutes or get in touch with our team to talk about your options today!