في دراسة عن
القرصنة الالكترونيّة
وكيفيّة الحدّ من الخسائر…
أماني الماحي:
لهذه الأسباب… التأمين ضروري!
(الحلقة الأولى)

أماني الماحي

جائحة كوفيد 19 ومتحوّراتها، فرضت على الشركات والمؤسّسات توجّهًا جديدًا في العمل تمثّل في الاعتماد على التكنولوجيا بشكل واسع خصوصًا وأنّ هذا التوجّه لحظ متابعة العمل كتدبير احترازي من المنزل إذا استجدّت ظروف معيّنة ناتجة عن انتشار هذا الفيروس ومتحوّراته. لكنّ الاعتماد على الرقمنة والانترنت والتكنولوجيا الحديثة، وهذه خطوة ضروريّة لمواكبة التطوّر، أدّى إلى تفاقم الجرائم الإلكترونية ومواصلة قراصنة الإنترنت إستغلالهم الفُرص في ظلّ الاعتماد المتزايد بل الكامل على العالم الافتراضي.

وبالتوازي مع هذا التطوّر التكنولوجي للأعمال في جميع أنحاء العالم،  شهدنا تطوّرًا فى إستخدام البرامج الضارّة التي تسجّل يوميًا وتوقع المؤسّسات والشركات ضحية لأعمال القرصنة الرقميّة والالكترونيّة.

 السيدة أماني الماحي، رئيس قطاع الفروع الخارجيّة في شركة “مصر للتأمين” أعدّت دراسة بهذا الخصوص عنوانها “الهجمات الالكترونيّة والتأمين” سننشرها تباعًا على حلقات. وهذه هي الحلقة الأولى، وقد صاغتها بالانكليزيّة زيادة في تعميمها وانتشارها.

Cyber attacks have become a concern for everyone and it’s the everyday incidents that put money into hackers’ pockets

According to Lloyd’s, Cybercrimes already costs organizations an estimated 400 billion Dollars every year, and the number is growing

The loss of revenue from Cyber business interruption can be Fatal and the restoration of electronic data can be time consuming and costly

While insurance policies may help business recover some costs after the facts, they do not reduce Cyber risk. Such risks are constantly evolving along with technology and the motivations of Cyber criminals

Traditional insurance policies exclude Cyber- risks, and this has led to a growth of Cyber security insurance as a separate stand alone type of coverage

What is Cyber security best practice

to prevent and respond to Cyber-attacks

Experts establish Cyber security practices to help clients defend themselves against a Cyber-attacks/Cyber threat. That means focusing on the prevention and mitigation of Cyber attacks

Keep Software up to date

Employees should do software updates as soon as they’re available so each system is prepared for the latest attack strategies

Create a Culture of continuing Education

Hackers are total talented manipulator who prey on whatever to get the information they want

All employees should have Cyber security the latest threats and phishing attacks and how to identify them appropriately

Identifying an attack is the first step towards stopping it

Use a secure email Gateway and Domain keys identifies Mail

It checks for spam, malicious attacks and fraudulent content while letting legitimate emails get through to employee’s inboxes

Utilize Strong Passwords

Using the same password for everything could be universal key a Hacker needs to wreak havoc

A password manager can be a valuable tool to generate and retrieve complex, strong and unique passwords

Use Dual Authorization

Dual authorization requires that two people sign off or input their credentials to approve submitted Transactions

It prevents business from paying false invoices and making accidental payment to hackers posting as legitimate entities

Securing Remote Desktop Protocol (RDP) ports

There are two simple steps that business can take to secure ” RDP” ports

• prevent the exposure of their “PRD” servers to the Internet by keeping the behind a firewall
• Enable network level authentication “NLA” to limit potential attackers to only those who are authenticated

Proactively Back-up data

The loss of data can have a significant effect on an organization’s ability to conduct business

Frequently backing up important data can drastically reduce the time it takes a business to recover from Cyber attack

Form a Breach Response Plan

A step-by- step plan should be written out and agreed upon before facing any breach

Secure a Cyber Liability Insurance Policy

As per latest studies the cost associated with a business data breach can lead to bankruptcy for the unprepared small business, such costs from the areas and services such as

• Credit protection costs
• crisis management costs
• Breach of contract claims
• Negligent protection of data claims

Act fast with Managed, Detections & Response ” MDR” services

When Cyber-attack occurs, a fast response limits the hacker’s power

MDR is a cost – effective way to provide 24/7 real time Cyber incident response and security consulting services

In addition to MDR services, businesses should have a breach response plan that could save the millions in damage

Secure the breach and identify compromised data

Businesses need an experienced IT forensics team to swiftly identify the problem and to fix & secure the data breach

• However, such services are very costly for companies without a Cyber attack policy in place

Be Transparent with Customers

This restores trust and avoids additional fines and penalties

Even though it is news that no body wants to deliver, hiding a data breach can make an already big problem even more significant

Cyber Crime

Cyber-crime defined as any criminal activity which takes place on or over computers or Internet or other technology recognized by Information Technology

The most common Cybercrimes

• Phishing
• Cyber Extortion
• Data Breach
• Identify theft
• Harassment

Even if a business doesn’t handle sensitive information, they are still at risk for Cyber attack

Cyber criminals often don’t care what kind of information a company motivated by financial gain; hackers can hold a network hostage of demand payment in exchange for restoring access to vital company records

What is Cyber security insurance for

Cyber insurance Security covers business liability for data breach involving sensitive customer information, such as social security numbers, credit card numbers, driver’s license numbers and health records

Why is Cyber insurance important

• The loss, compromise, or theft of electronic data can have a negative impact on a business, including the loss of customers and revenue
• Business may be liable for damages stemming from the theft of third-party data
• Cyber Liability coverage is important to protect businesses against the risk of Cyber event including those associated with terrorism
• Cyber risk coverage can assist in the timely remediation of Cyber attacks and incidents

How does Cyber insurance work

Cyber insurance policies are sold by many of suppliers that provide related business insurance, such as Error & Omission insurance, business liability insurance and commercial insurance

Cyber insurance policies help coverage financial

Losses that result from Cyber events and incidents

In addition, Cyber risk coverage helps with costs associated with remediation, including payment for investigators, communicators and customer credits and refunds

Who needs Cyber insurance

• Business that create, store and manage electronic data online, such as customer contracts, customer sales, credit card numbers, can benefit from Cyber insurance
• In addition, commercial businesses can benefit from Cyber insurance, since downtime related to Cyber incidents can cause a loss in sales and customer’s information in a website can benefit from the liability coverage that Cyber insurance provide
• We can say that any business that uses technology is vulnerable for Cyber-attack

This includes also

Accepting payments online or in store credit card transaction

Communicating with customers on line or over phones

Transferring documents electronically

Storing personal information electronically