أماني الماحي
جائحة كوفيد 19 ومتحوّراتها، فرضت على الشركات والمؤسّسات توجّهًا جديدًا في العمل تمثّل في الاعتماد على التكنولوجيا بشكل واسع خصوصًا وأنّ هذا التوجّه لحظ متابعة العمل كتدبير احترازي من المنزل إذا استجدّت ظروف معيّنة ناتجة عن انتشار هذا الفيروس ومتحوّراته. لكنّ الاعتماد على الرقمنة والانترنت والتكنولوجيا الحديثة، وهذه خطوة ضروريّة لمواكبة التطوّر، أدّى إلى تفاقم الجرائم الإلكترونية ومواصلة قراصنة الإنترنت إستغلالهم الفُرص في ظلّ الاعتماد المتزايد بل الكامل على العالم الافتراضي.
وبالتوازي مع هذا التطوّر التكنولوجي للأعمال في جميع أنحاء العالم، شهدنا تطوّرًا فى إستخدام البرامج الضارّة التي تسجّل يوميًا وتوقع المؤسّسات والشركات ضحية لأعمال القرصنة الرقميّة والالكترونيّة.
السيدة أماني الماحي، رئيس قطاع الفروع الخارجيّة في شركة “مصر للتأمين” أعدّت دراسة بهذا الخصوص عنوانها “الهجمات الالكترونيّة والتأمين” سننشرها تباعًا على حلقات. وهذه هي الحلقة الأولى، وقد صاغتها بالانكليزيّة زيادة في تعميمها وانتشارها.
Cyber attacks have become a concern for everyone and it’s the everyday incidents that put money into hackers’ pockets
According to Lloyd’s, Cybercrimes already costs organizations an estimated 400 billion Dollars every year, and the number is growing
The loss of revenue from Cyber business interruption can be Fatal and the restoration of electronic data can be time consuming and costly
While insurance policies may help business recover some costs after the facts, they do not reduce Cyber risk. Such risks are constantly evolving along with technology and the motivations of Cyber criminals
Traditional insurance policies exclude Cyber- risks, and this has led to a growth of Cyber security insurance as a separate stand alone type of coverage
What is Cyber security best practice
to prevent and respond to Cyber-attacks
Experts establish Cyber security practices to help clients defend themselves against a Cyber-attacks/Cyber threat. That means focusing on the prevention and mitigation of Cyber attacks
Keep Software up to date
Employees should do software updates as soon as they’re available so each system is prepared for the latest attack strategies
Create a Culture of continuing Education
Hackers are total talented manipulator who prey on whatever to get the information they want
All employees should have Cyber security the latest threats and phishing attacks and how to identify them appropriately
Identifying an attack is the first step towards stopping it
Use a secure email Gateway and Domain keys identifies Mail
It checks for spam, malicious attacks and fraudulent content while letting legitimate emails get through to employee’s inboxes
Utilize Strong Passwords
Using the same password for everything could be universal key a Hacker needs to wreak havoc
A password manager can be a valuable tool to generate and retrieve complex, strong and unique passwords
Use Dual Authorization
Dual authorization requires that two people sign off or input their credentials to approve submitted Transactions
It prevents business from paying false invoices and making accidental payment to hackers posting as legitimate entities
Securing Remote Desktop Protocol (RDP) ports
There are two simple steps that business can take to secure ” RDP” ports
- prevent the exposure of their “PRD” servers to the Internet by keeping the behind a firewall
- Enable network level authentication “NLA” to limit potential attackers to only those who are authenticated
Proactively Back-up data
The loss of data can have a significant effect on an organization’s ability to conduct business
Frequently backing up important data can drastically reduce the time it takes a business to recover from Cyber attack
Form a Breach Response Plan
A step-by- step plan should be written out and agreed upon before facing any breach
Secure a Cyber Liability Insurance Policy
As per latest studies the cost associated with a business data breach can lead to bankruptcy for the unprepared small business, such costs from the areas and services such as
- Credit protection costs
- crisis management costs
- Breach of contract claims
- Negligent protection of data claims
Act fast with Managed, Detections & Response ” MDR” services
When Cyber-attack occurs, a fast response limits the hacker’s power
MDR is a cost – effective way to provide 24/7 real time Cyber incident response and security consulting services
In addition to MDR services, businesses should have a breach response plan that could save the millions in damage
Secure the breach and identify compromised data
Businesses need an experienced IT forensics team to swiftly identify the problem and to fix & secure the data breach
- However, such services are very costly for companies without a Cyber attack policy in place
Be Transparent with Customers
This restores trust and avoids additional fines and penalties
Even though it is news that no body wants to deliver, hiding a data breach can make an already big problem even more significant
Cyber Crime
Cyber-crime defined as any criminal activity which takes place on or over computers or Internet or other technology recognized by Information Technology
The most common Cybercrimes
- Phishing
- Cyber Extortion
- Data Breach
- Identify theft
- Harassment
Even if a business doesn’t handle sensitive information, they are still at risk for Cyber attack
Cyber criminals often don’t care what kind of information a company motivated by financial gain; hackers can hold a network hostage of demand payment in exchange for restoring access to vital company records
What is Cyber security insurance for
Cyber insurance Security covers business liability for data breach involving sensitive customer information, such as social security numbers, credit card numbers, driver’s license numbers and health records
Why is Cyber insurance important
- The loss, compromise, or theft of electronic data can have a negative impact on a business, including the loss of customers and revenue
- Business may be liable for damages stemming from the theft of third-party data
- Cyber Liability coverage is important to protect businesses against the risk of Cyber event including those associated with terrorism
- Cyber risk coverage can assist in the timely remediation of Cyber attacks and incidents
How does Cyber insurance work
Cyber insurance policies are sold by many of suppliers that provide related business insurance, such as Error & Omission insurance, business liability insurance and commercial insurance
Cyber insurance policies help coverage financial
Losses that result from Cyber events and incidents
In addition, Cyber risk coverage helps with costs associated with remediation, including payment for investigators, communicators and customer credits and refunds
Who needs Cyber insurance
- Business that create, store and manage electronic data online, such as customer contracts, customer sales, credit card numbers, can benefit from Cyber insurance
- In addition, commercial businesses can benefit from Cyber insurance, since downtime related to Cyber incidents can cause a loss in sales and customer’s information in a website can benefit from the liability coverage that Cyber insurance provide
- We can say that any business that uses technology is vulnerable for Cyber-attack
This includes also
Accepting payments online or in store credit card transaction
Communicating with customers on line or over phones
Transferring documents electronically
Storing personal information electronically