25Mar

Infographic: The Cybersecurity Shortage

The projected loss from cyber attacks worldwide is forecasted to be in the trillions in 2021. With many companies shifting to virtual offices – some even permanently – malware, phising, and other forms of data breaches will most likely increase. However, data shows that there’s an alarming gap between the need for tighter cybersecurity and the number of organizations that understand its importance.

The infographic below provides impactful statistics and proposals to shorten the gap.

Sources:

https://www.varonis.com/blog/cybersecurity-skills-shortage/

https://www.protectwise.com/post/survey-suggests-younger-generations-including-females-may-fill-the-cybersecurity-talent-gap/

https://www.varonis.com/blog/cybersecurity-statistics/

5Mar

Understanding the Risks of Managing an e-Commerce Business and the Insurance You Need

E-commerce has had a huge impact in Asia even throughout the pandemic. People have been able to buy and purchase products overseas sans a physical store. The requirement of having a brick-and-mortar store has taken a backseat for many small business owners as well as large retail corporations.

And as is the case with anything emerging, the industry’s growth brings with it new risks that may not have existed a decade ago.

The fact that the e-commerce industry is growing at an incredibly fast pace is yet another reason for online retailers to make sure that they are protected from the many risks that can come with such rapid growth. According to recent studies, e-commerce sales increased to $4.058 trillion in 2020 and made up more than 14% of total worldwide spending.

Covid-19 has played a crucial part in this growth with lockdown and physical restrictions that encourage consumers to shop online.

So what are the risks involved?

1. Cybersecurity – e-commerce is one of the most targeted industries of cyber attacks, with 32.4% of all cyberattacks targeting this industry. Ecommerce stores are known to hold highly sensitive information such as a  buyers’ credit card information and home address.

Online shopping sites are liable for these types of breaches which can result in millions of dollars worth of lawsuits, especially for large companies. Having the right cyber insurance is a must-have.

2. Product Liability – Any product or service can malfunction and result in some form of injury or accident. Defective products or the lack of hazard warnings are grounds for legal liability even if you’re not the direct manufacturer. Online retailers have to remember that as long as you are part of the distribution chain, you may be deemed responsible.

Some companies have been opting to get insurance called Technology Errors & Omissions Insurance. This type of insurance combines product liability and cyber insurance, therefore addressing incidents involving physical injuries caused by a product, and the unauthorized disclosure of proprietary information, respectively.

Aside from product liability insurance, it’s recommended that companies purchase D&O insurance to have an added cover for directors, officers, and other decision-makers in the company in case of lawsuits.

3. Intellectual Property Issues – Copied designs and the use of copyrighted material (even if one does it unknowingly) can lead to legal problems for e-retailers. In fact, an e-commerce store can face liability related to a third party’s ad that’s seen on its website. A general liability insurance can cover these issues.

If your business keeps and receives shipped goods in a warehouse via a third-party provider, or if you ship your products directly to customers and other distributors, then cargo insurance may also be something to consider. This insurance covers your business from loss of inventory while in storage or shipping.

Need more information about the insurance you need for your e-commerce business? Get in touch with us today.

 

25Feb

Increased Cyber Risks from Remote Work

Working remotely has become the default mode for many businesses since the COVID-19 pandemic. While this allows companies to continue operations while reducing their employees’ chances of getting sick it also opens up the company to new cyber risks.

Working from home requires access to Wi-Fi that may be insecure despite thinking otherwise. In the case of home networks, they are usually set up in default mode that permits devices to connect without passwords.

This even includes Wi-Fi-enabled appliances, monitors, door locks surveillance cameras, speakers and more. Your corporate mobile device may be using this Wi-Fi network also. And even if you are able to use a VPN and private servers, this does not mean your confidential data is not exposed to grave cyber threats.

The multiple variables of all your employees’ home network means that your IT department has to cover more computers. In addition, there will be some employees who don’t completely understand the probability of a data breach with an unsecured network – especially if they access work through public Wi-Fi like coffee shops for instance.

What can companies do to reduce the risk of cyberattacks while working at home? 

> Reinforce the use of VPNs for all remote staff

> Teach employees to scan devices before allowing them to connect with access by unauthorized software or hardware

> Double-check and lock remote devices wherever necessary to help reduce the possibility of cyber attacks without negatively affecting user experience.

> Disable split tunneling for VPN profiles to ensure that virtual employees won’t be able to access Wi-Fi networks directly without going through the corporate network first.

> Companies should also practice scheduled analysis of work-issued devices’ log data to improve detection of cyber incidents.

More importantly, companies should also update their cyber breach response strategies for the entire remote staff and practice plans through exercises with IT and security staff, along with officers and directors.

Many companies in Asia have been able to restructure operations and adapt to virtual offices. They are calling the remote workforce ‘the new normal’. Companies need to anticipate similar incidents like this pandemic – some may even pose more challenges.

For now, what’s needed are immediate measures to tighten online security of remote workers and revisit liability insurance policies that may not yet cover cybercrime-related claims.

15Sep

5 Common Excuses for Not Getting Cyber Liability Insurance

Increased online activity by businesses – from e-commerce to remote project management – requires an added layer of privacy security. Digital interactions with clients as well as between employees also means there is extensive sensitive data (e.g. addresses, credit card details, private messages, etc.) being shared and stored.

Businesses that ask for personal information places them in a position of possible liability should there be a breach in their system.

Cyber Liability and Data Protection Insurance is designed to safeguard online users from damage and loss upon exposure to hacking or system errors.

Unfortunately, most businesses do not see the need for this type of insurance for reasons such as:

1. My business does not store sensitive data.

Most businesses will hold information about their employees or suppliers as a standard practice, meaning these companies are at a higher risk of being targeted for a cyber attack. Downplaying the likelihood of having your valuable data stolen may cause irreparable damage to your company’s reputation and operations.

In a time when remote work and online interactions are the status quo, businesses need to have all bases covered.

2. I don’t sell anything online.

Chances are, your business still uses computers to store digital files of receipts, invoices, and names of customers. Having a local server and the absence of online commerce does not exclude your business from cybercrime.

One has to factor human error, malware, and phishing even if your company is not engaged with Internet commerce.

3. The Cloud is highly secure.

A company is legally responsible for the information that is stored in their cloud, even if a hacker accesses the cloud via a 3rd party. This also applies if you’re using an outsourced IT provider. If the provider’s system is breached and your data gets leaked, your business may incur notification costs (to both the Privacy Commissioner and the affected individuals), remediation costs and legal costs. Encryptions and 3rd party security measures will not cover these costs.

4. The IT Department will take care of it.

Does your IT department work round-the-clock? That’s highly unlikely. A lot can happen in a few minutes, let alone overnight when everyone is off.

Having cyber liability insurance in place will provide you with a 24/7 response team that can help mitigate further loss and damages when an attack occurs.

5. Our system is top-of-the-line and can’t be hacked.

There’s not a single system that is 100% secure. Technology is ever-changing and cyber attackers are constantly finding ways to access your data. And while you may have the most secure system now, that still requires everyone in the company to have the same knowledge and competencies in using, managing and maintaining it.

Again, human error can’t be discounted which makes cyber liability insurance all the more important for any business.

We can help your business find the best cyber liability insurance in Hong Kong.