With the increase of remote working, IT systems have become more vulnerable and cyber-related crimes have been on the rise, according to the latest figures from the National Fraud Intelligence Bureau.
The data reveals that between January and October 2021, around 24,000 cases of cybercrime were reported, which amount to reported losses of more than £11m. Cases range from incidents of hacking, computer viruses, malware and spyware.
Paul Offley, compliance officer at The Guild of Property Professionals, said: “Cybercrime is more prevalent than ever before, and given the fact that agents have a considerable amount of sensitive data they hold, it is vital that all possible precautions are taken to avoid a potential incident.
“If large corporations are vulnerable to being infiltrated, how much more susceptible are small businesses such as an independent agent, who may possibly have less robust cyber defences.
“As a result of higher levels of cyber-criminal activity, there has been an increase in the cyber insurance premiums, along with insurers asking for more information and introducing more stringent risk management procedures.”
Offley adds that cyber liability is not typically included under professional indemnity insurance (PI) and should not be relied upon as an alternative to a standalone cyber liability policy covering first and third-party loss.
With the growing treat of cyber-attack, a greater reliance on technology, and the type of sensitive information agents hold, agents should consider adding cyber liability to their insurance programme if they do not already have it.
Offley continued: “The majority of businesses will only consider cyber liability after they have experienced an incident, which is obviously too late. Given the high number of cyber related crimes we have seen in the UK over the past year, it is advisable to rather be proactive and have a comprehensive cyber liability policy in place before an incident occurs. It is a small price to pay for the reassurance of having support when you need it in a worst-case scenario.
“Cyber Liability policies include instant response cover, and it is this section of cover that is so important to help mitigate any further threats. If your systems are paralysed for a week or longer, it is impossible to quantify the financial loss and brand reputational damage to your business.”
He explained that while no-one is immune to cyber-attack, it is best to be prepared and reduce risk where possible. Basic controls to help reduce a potential breach include:
+ Regular password updates on all devices.
+ Password complexity – use different passwords for different accounts.
+ Never share passwords.
+ Two Factor Authentication where appropriate.
+ Staff training to be aware of phishing emails and the damage they represent. One in every 3,722 emails in the UK is a phishing attempt. Around half of cyber-attacks in the UK involve phishing.
+ Software updates.
+ Ensure files are encrypted.
+ Monitoring of mobile and home working procedures
+ Never, under any circumstances, should a payment be made to a new bank account without verbal confirmation that the account details are genuine.
+ Cyber Liability Insurance