Blog

What is Cyber Insurance and Why does an Event Contractor need it?

Cyber insurance is designed to protect your business from threats such as external cyber-attacks and both malicious and unintentional data breaches. A business is ultimately responsible for its own cyber security but when things go wrong having the right insurance will mean you aren’t alone and expert advice is on hand to assist you.

 

Surely only large corporate companies require Cyber Cover?

Cyber breaches come in many shapes and forms. Often, companies only think of websites or servers being compromised by hackers, but cyber breaches can occur in many different ways such as sending an email with client data to the wrong person, or answering an email you think is legitimate and finding out after that it was a scam.

The myth that only large companies are at risk of cyber-attacks is not true. The worrying truth is businesses of all sizes are being targeted. 40% of companies suffered cyber security breaches or attacks in the last year with the average cost of a cyber incident being around £2,500. However, this cost grows as the size of a business or the data it holds increases. No matter how big or small your business is, you should look into getting a cyber insurance policy in place.

istockphoto-479801072-612x612

What cover does Cyber Insurance Provide?

Financial Protection: Cyber-attacks can result in a financial loss due to various reasons including business interruptions and legal liabilities. The policy can help provide funds associated with regulatory fines, compensation to affected people, data recovery, and legal expenses, reducing the financial strain on your business.

Data Breach Response: When a cyber incident occurs, businesses need to respond both quickly and effectively. Insurers often provide access to expert incident response teams and crisis management services, helping businesses tackle the aftermath of an attack easily and providing advice in relation to notifications to regulators such as the Information Commissioners Office (ICO).

Ransomware Attacks: Ransomware attacks are occurring more and more frequently. Cybercriminals encrypt a company's data and demand ransom for its release. The ransom payments can be covered, reducing the incentive to pay and potentially supporting alternative recovery methods.

Business Continuity: Coverage for business interruptions resulting from cyber incidents. This helps businesses recover lost income during downtime, ensuring continued operations and minimising financial losses.

Cyber Extortion and Social Engineering: The policy can protect against cyber extortion schemes and social engineering scams, where attackers manipulate employees into transferring funds or disclosing sensitive information or passwords.

Cybersecurity Improvement: Some insurance policies offer incentives or discounts for businesses that implement robust cybersecurity measures. This can encourage companies to enhance their security posture, ultimately reducing the likelihood of cyber incidents.

Why would it be important for an exhibition contractor to have cyber insurance?

Data Protection: Exhibition contractors often handle sensitive information about clients, and vendors. This information may include personal data, financial records, and trade secrets. Cyber insurance can help cover the costs associated with data breaches, such as notifying affected parties, providing credit monitoring services, and managing the public relations fallout.

Financial Protection: Cyberattacks can result in significant financial losses. An exhibition contractor may need to pay for forensic investigations to determine the extent of the breach, legal fees, and regulatory fines if they fail to comply with data protection regulations. Cyber insurance can help cover these expenses.

Business Interruption: If a cyberattack disrupts an exhibition contractor's operations, they may experience downtime and lost revenue. Cyber insurance can provide coverage for business interruption, helping the contractor recover lost income during the downtime.

Ransomware Attacks: Ransomware attacks can encrypt critical data and systems, demanding a ransom for decryption keys. Cyber insurance can cover the ransom payment if it becomes necessary, though this is typically a last resort as it's generally discouraged.

Third-Party Liability: If a cyber incident affects third parties, such as clients or partners, the exhibition contractor may be held liable. Cyber insurance can cover legal costs and settlements associated with third-party claims.

Reputation Management: A cyber incident can harm an exhibition contractor's reputation. Cyber insurance can provide coverage for public relations and marketing efforts to restore trust and credibility.

Regulatory Compliance: Many industries have strict data protection and cybersecurity regulations. Cyber insurance can help exhibition contractors comply with these regulations by covering costs related to investigations, reporting, and remediation.

Cybersecurity Improvement: Some cyber insurance policies offer resources and incentives to improve cybersecurity measures. Insurers may offer guidance on best practices, security assessments, and training to help prevent future incidents.

Incident Response: Cyber insurance often includes access to incident response teams, which can help the contractor navigate the aftermath of a cyberattack effectively, minimizing the damage.

Peace of Mind: Cyber threats are constantly evolving, and no organisation is immune. Having cyber insurance can provide peace of mind, knowing that financial support is available in the event of a cyber incident, allowing the exhibition contractor to focus on their core business operations.

Frequently Asked Questions

Q. I am an Exhibition Contractor, why do I need Cyber insurance?

A. Potentially you hold a great deal of information digitally on your customers/exhibitors and suppliers, which you rely on to operate your business.  If your system (internal or externally hosted IT system) is breached and that information/data is lost and prevents you from accessing that information, it could be crippling for your company, especially in the run-up to a Show.

Q. My systems are backed up every night, why would I be at risk?

A. It’s great practice that you back up regularly, but this is not enough to aid you in the event of data breach. You may need physical and financial help to get your system back to where it should be and deal with ransomware. This would all be handled by specialists.

Q. I only have a few office-based clerical staff, the rest are out of the office, do I still need it?

A. If you have staff working from home or on site and information is being stored in a cloud for instance, you are likely further at risk. This is vital information you require daily to run your business. This could be your customer data for example and accounting information, or your own payroll.  All vital to daily operations that would have a detrimental effect if you could not gain access. Risks are also increased by using public Wi-Fi connections and leaving devices in the open too.

What are some real-life claims examples?

•              A business was hacked by someone who compromised their system and requested a ransom figure to give back data they had encrypted. £150,000 was paid in ransom and expenses caused to the company.

•              Someone posing as the head of accounts for an event contractor requested the bank details of all employees so they could process returns. The employees forwarded their details to the imposter. Subsequently, false tax returns were filed on behalf of employees. Costs incurred to date are in excess of £25,000.

•              An employee who worked for an exhibition contractor left his company laptop on the train. The laptop contained files of private financial information of the employer’s customers. The company had to pay for notification to its customers that its private financial information was no longer secure. The customers sued the company for damages resulting from its failure to protect their private financial information. The notification costs and settlement totalled £9,000.

 

Who do I contact to discuss Cyber insurance and protection?

Your account handler will be able to obtain a Cyber Insurance quotation for you.

Copyright © 2023 InEvexco Limited, All rights reserved.

InEvexco Limited is authorised and regulated by the FCA, registered number 579079. InEvexco is a wholly owned subsidiary of AssuredPartners Holdings Limited.

Our Mailing address is:

80 Churchill Square Business Centre, Kings Hill, Kent, ME19 4YU