Exposure to business interruption caused by cyber risks has grown for a number of reasons recently including an increasing reliance on electronic systems to conduct business, the automation of business functions which are reliant on electronic systems and the interconnectivity of those electronic systems, to internal and external networks.
Common security vulnerabilities can be counteracted:
1.Software Security Updates
Attackers search for unpatched, outdated or otherwise vulnerable software to attack. You should have a software update policy in place for all hardware, including laptops and other mobile devices. You should only use software for which updates are still being provided.
2.SQL Injection
“Structured Query Language” is a type of programming language designed for database driven software. A SQL injection is a hacking technique which exploits flaws in the programming code. You should consider periodic independent security testing to identify programming issues, including SQL injection flaws.
3.Unnecessary Services
You should only run network services that are absolutely necessary and ensure that services intended for use on local networks only are not made available to the internet. This will reduce the number of ways an attacker might compromise systems on the network.
4.Decommissioning of Software or Services
When old or temporary hardware, software or networked services (e.g a website/file server) are no longer needed, you must decommission them and thoroughly check that the decommissioning procedure has actually succeeded.
5.Password Storage
“Hashing” and “Salting” techniques which increase the security of stored passwords. Users should also be advised to choose strong passwords (long passwords using a wide range of characters).
6.Configuration of SSL or TLS
Ensure that personal data (and sensitive information generally) is transferred using SSL (Secure Sockets Layer) or TLS (Transport Layer Security) which are encryption schemes used for ensuring secure communications across the internet.
7.Inappropriate locations for processing data
Make sure you have policies for all your IT infrastructure for how, when and where personal data will be processed and stored. Apply specific access restrictions where necessary. Ensure that your network has regular back-up and business continuity functions in place.
8.Default credentials
Change any default credentials provided by hardware and software suppliers, such as standard usernames and passwords, as soon as possible.
To find out more about Cyber Liability insurance please contact Gary Philip at GPS Insurance Brokers on on 020 8207 7385.
Source: Information Commissioner’s Office Report.
Search Blog Posts
Recent Posts
- Building Safety: Doubts over cladding and remediation after fire safety engineer sanctioned
- Property Insurance Spotlight: Are your sums insured correct?
- Ease your worries with management liability insurance
- Li-ion battery failure & fire risks: Flat Fire Case Study
- Preparing for your Insurance Renewal in 2025
Archives
- March 2025
- February 2025
- January 2025
- December 2024
- November 2024
- October 2024
- July 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- June 2017
- May 2017
- March 2017
- February 2017
- January 2017
- September 2016
- May 2016
- April 2016