Everyone wants to feel safe and secure when they are at home with their doors
locked and the alarm system activated. They want to know that they are
protected from danger. Today, the Internet has added another dimension to the
world of individual safety and security.
The Internet has taken us from the physical world, where fire, flood, and
earthquakes are the typical causes of catastrophic damage, into the digital
world, where identity theft, ransomware, and computer viruses have the
potential to be just as destructive. It is no longer sufficient to simply lock
your doors and turn on the alarm system. Today, your personal information is at
risk from criminals who can attack at any time. This means your information
needs to be protected, locked up, and secured with an alarm—just like your
home.
This article will help you to accomplish the following.
- Assess your cyber-risk level
- Understand the different types of cyber risks
- Learn practical strategies to improve your security while online
- Discover software solutions and services to assist you with loss
prevention and post-loss response
- Understand the cyber-insurance coverages available today
What Is Your Risk Level?
Cyber crime is a massive problem. According to Steve Langan, CEO at Hiscox
Insurance, over $450 billion in global economic losses were recorded in
2016.1 The Equifax data breach of 2017 exposed over
147 million Social Security numbers, and there were over 1,500 other recorded
breaches in 2017.2 Everyone has the potential of
being a victim of cyber crime, but there are factors that can cause your risk
level to increase. Some of those factors are the following.
- Your level of wealth
- The number of connected devices you have in your home
- Your level of fame/celebrity
- If you have domestic employees
- The number of trades you make per year in the stock market
- If you run a business out of your home
The more risk factors you have, the higher your level of risk is and the
more you should consider taking action to protect yourself. Once you have an
understanding of your risk level, you can determine the actions you need to
take to mitigate the risk of becoming a victim of cyber crime. A
self-assessment is a good start, but having a cyber-security professional to
work with is a viable option as well.
Cyber Risk Overview
The average household today has 10 to 20 Internet-enabled devices in the
home.3 Laptops, smart phones, Internet TVs,
security systems, thermostats, and other connected devices are all part of the
intricate web of technology that is expanding exponentially in homes across the
United States.
These devices hold valuable information, such as passwords, dates of birth,
and travel schedules. They may control critical functions in your home, such as
temperature control. Each of these devices connects to the Internet to derive
value for the user but in so doing also creates an entry point for nefarious
hackers to access the devices and the information they hold. Once criminal
hackers gain access to these devices, they can easily transfer funds from bank
accounts, unlock doors that use smart locks, and install harmful ransomware on
computers to hold them hostage.
Criminal hackers use many different strategies to cause physical, emotional,
or financial harm. The following are some of those strategies.
- Email phishing. This strategy involves
email scams looking to dupe email recipients into clicking a link that can
install harmful software onto the recipient's computer.
- Identity theft. Criminals use
personally identifying information (e.g., address, name, birth date, Social
Security number, etc.) to sign up for credit cards, open bank accounts, or
initiate other transactions using your personal information.
- Cyber extortion. Hackers coerce victims
to pay large sums of money when they take control of their website, servers,
computers, or other digital assets and hold them hostage until their demands
are met.
- Cyber bullying. Cyber bullying includes
sending, posting, or sharing negative, harmful, false, or mean content about
someone else. It can include sharing personal or private information about
someone else causing embarrassment or humiliation.4
- Unauthorized payment or transfer. This
strategy involves hackers gaining access to your banking and credit card
information and illicitly transferring money or making fraudulent
purchases.
- Social engineering. Cyber criminals use
deceptive tactics to trick people into giving them access to sensitive
information through phishing scams, pretexting, and baiting.
Practical Cyber-Protection Strategies
Everyone is at risk of being affected by cyber crime, whether it is a direct
or indirect attack. There is no surefire solution that will guarantee your data
is secure, but there are strategies you can implement to make it more difficult
for hackers to gain access to your information.
The list below offers some of the strategies you can implement to improve
your security on the Internet.
- Protect your Wi-Fi network at home with a strong password, one that
contains more than six digits (longer passwords are more secure) and uses
special characters (i.e., $%$#@), lowercase and uppercase letters, and
numbers.
- Change your passwords every 6 months.
- Use passphrases instead of passwords. A passphrase is a string of words
used to control access to a system. They are easier to remember and could be
more secure than passwords (Example: JohnisSIttingon2Largechairs).
- Set up a guest network at home with a separate password for guests to use
rather than giving them the password to your primary network.
- Use multifactor authentication whenever possible. This is a security
protocol that uses a secondary device to verify you are whom you say you are.
Verification codes are sent via text or email for you to enter during the
sign-in process.
- Store your passwords in a secure location, such as a password manager.
LastPass.com
and Dashlane.com
are websites that you can store all of your passwords on to help improve your
security.
- Use one network for connected appliances and gadgets, and a separate
network for your computers, tablets, and phones. This way, if someone hacks
your device network, they will not be able to access your
accounts.5
- Download software updates as soon as they are available.
Software and Service Solutions
In addition to the practical steps you can take to protect yourself, there
are software solutions and services to assist you with building your
cyber-protection strategy. These solutions can help you detect suspicious
intrusions into your network as well as monitor for fraudulent activity.
Here are examples of software solutions and service providers who specialize
in working with individuals to help them with cyber security.
Software Solutions
-
CyberScout.com—CyberScout offers a full suite of services to
improve your cyber security, including identity management tools, credit
monitoring services, breach response services, and data privacy consulting.
-
Norton.com—Norton provides software that identifies viruses
and malware and blocks them from causing damage. It also offers other
related services including a router device that monitors and protects
everything within a connected home network.
Cyber-Risk Services
-
Rubica.com—Rubica.com developed a technology for your tablets,
smartphones, and computers that helps you avoid being the victim of a cyber
crime.
-
K2Intelligence.com—K2 Intelligence is a full-service
cyber-defense consultancy that brings enterprise-level cyber-security
solutions to the private client and family office markets.
Insurance Solutions
Even with the best security practices in place, and all of the practical
risk mitigation strategies being utilized, there will always be a risk of loss.
That is where insurance comes in. Cyber insurance not only offers financial
protection when a loss occurs, but it also may include complimentary or
discounted access to software tools and services like those mentioned
above.
Today, a handful of insurance companies offer cyber-insurance policies for
individuals to purchase. Some are in the midst of developing a solution, and
others are in the planning stages. Most companies offer identity theft coverage
as part of their homeowners policies, but that coverage falls short of covering
most of the cyber crimes happening today. Although the cyber-insurance products
are relatively new, they are very broad in the coverage they offer.
The following is a list of coverage highlights from a few cyber-insurance
products on the market today.
Coverage* |
Description |
Cyber Extortion and Ransomware |
Provides reimbursement for money paid by an insured to terminate a
cyber-extortion threat. Insureds have access to expert cyber consultants
to assist if a criminal demands a ransom in exchange for the
insured's data. |
Cyber Bullying |
Covers related costs as a result of an insured or family member being
victimized by cyber bullying. Related expenses include professional
digital forensic analysis to aid in prosecution, professional
cyber-security consultant services, loss of salary due to wrongful
termination, public relations service fees, and temporary
relocation. |
Fraudulent Transfers |
Provides protection against the loss of funds stolen from an account
due to a cyber attack. |
Social Engineering |
Provides coverage if your authorized account user—such as a personal
assistant or family office manager—is deceived into wiring money from
your account. |
Data Restoration |
Provides coverage for the cost of a professional to reinstall damaged
software, remove malicious code, reconfigure your device or system, and
replace electronic data that has been lost or corrupted. |
Crisis Management / Reputational Injury |
Provides reimbursement and access to crisis management consultants to
protect an insured from reputational harm. |
Cyber Disruption |
Provides support in dealing with a cyber attack that prohibits the
clients from accessing their home or interrupts their incidental business
operations in their home. |
*Coverages above are representative of those found in cyber-insurance
policies offered by AIG Private Client Group, Chubb Personal Risk Services, and
PURE Insurance.
Coverage limit options vary from company to company with options ranging
from $50,000 to $1 million per occurrence. Prices range from $400 to $2,000 per
year depending on the coverage limits selected, the coverage options included,
and the company offering the coverage.
Conclusion: Personal Cyber Security
Insurance is a tool that can be used to help protect your wealth from cyber
risk. Adequate coverage should be obtained to match the maximum financial loss.
However, it is also important to use the practical strategies, software
products, and services mentioned above to protect yourself from cyber risks and
to develop a plan of action should an incident occur.