Cyber Security Myths: ‘Cyber-security is the IT departments job’

Even when organisations make the wise decision to invest in cyber-security, they may still make the mistake of placing all related responsibilities on the IT department. Although these professionals definitely play a part in upholding adequate cyber-security measures, they can’t act alone. The most effective cyber-security models involve companywide participation, which requires support from corporate executives and routine training for all employees. Without companywide participation, organisations are more likely to have poor cyber-hygiene and awareness. Not to mention, businesses that don’t take cyber-security seriously will likely pass the same attitude to their employees by neglecting to provide essential education on digital risks.

 

Investing in IT security is a great precautionary measure, but hackers can often bypass security measures and exploit human error. In fact, 88% of cyber attacks are caused by human error. Cyber insurance is there to act as a valuable safety net in the event that your IT security fails to prevent an attack. Likewise, when a business puts locks on their doors to reduce the risk of theft or install sprinkler systems to mitigate the risk of fire, they will still usually purchase property damage insurance in case those precautionary measures fail.

 

It’s also imperative that organisations create a strong culture that encourages everyone to take responsibility for cyber-security. This includes having executives lead by example, training employees to detect and defend against prevalent cyber-threats, and recognising those who demonstrate a continued commitment to security.

 

Unfortunately, using a third party for IT doesn’t eliminate your exposure either. If you outsource your data storage to a third party and that third party is breached, you will still likely be responsible for notifying affected individuals and dealing with subsequent regulatory actions. Most third-party technology service providers have standard terms of service that limit their liability in the event that a breach or system outage causes financial harm to one of their clients.

 

Our industry has to take some blame for this misconception- insurance has been playing catch up with available technology like any other but should be ahead of the game with the ways businesses can suffer losses in relation to this technology. At JMP, we have invested in developing our knowledge and network to make sure we can help our customers and offer the best products for the competitive price.

 

For further cyber-security advice and insurance solutions, get in touch with our expert team.

keyboard_arrow_up