how to minimise your ransomware risk

This year's massive ransomware attacks which affected hundreds of thousands of people in more than 150 countries are a reminder for Australian small businesses to prioritise strengthening their cyber security measures.

small business cyber insuranceMay's WannaCry ransomware attack exploited a vulnerability in Windows computers, which did not have up-to-date security patches. This allowed files to be encrypted and held to ransom, with users asked to pay $300-$1200 in the bitcoin currency to free their files.

Hot on the heels came June's Petya attack, which exploited some of the same weaknesses and again played havoc with businesses across the world.

The attacks highlight how following simple steps can play an important role in limiting cyber security exposures. And although only a handful of Australian businesses were impacted, John Apter of Gallagher Insurance Brokers says that there’s no room for complacency.

“Australia got off lightly from these attacks, but the sheer speed by which the ransomware spread should be enough to place this issue at front and centre for business owners across the country,” said Apter.

“This attack also highlighted the fact that any business is a target for cyber criminals – not just big business. Indeed, what this attack has shown is how vulnerable small businesses can be to cyber-attacks, simply through not following basic security measures.”

Four simple ways to minimise cyber exposures

Apter recommends all businesses look to minimise their cyber security exposures in the following ways:-

  • Do not open attachments or click on links in emails from unknown senders
  • Develop a cyber breach response plan, and educate all staff on what to do in the event of a breach
  • Adopt best practice information security procedures, including firewalls, regular patching, application whitelisting, virus protection, restricted admin privileges, encryption and offsite data back-up
  • Factor cyber insurance cover into their business’s insurance program

“More than 85% of ransomware attacks can be avoided by following best practice IT security measures, said Apter.

"And while cyber insurance will not stop ransomware attacks from happening, it can be invaluable in helping to recover lost costs associated with such attacks – including loss of business income brought about by the inability to trade throughout the duration of the attack."

"As such, it should form part of every business’s holistic approach to handling cyber security threats.”

Need advice?

If you need guidance on cyber insurance for your business, contact Gallagher's Jamie Lansdown. Email him directly or call 03 9412 1688.



Access1st mailing list
Access1st blog