Cyber Monday: A Call to Action for Insurers to Enhance Cybersecurity Support
As Cyber Monday approaches, the digital marketplace buzzes with activity, offering consumers unparalleled deals and businesses a surge in online traffic. However, this uptick also presents a prime opportunity for cybercriminals. In 2023, cybercriminal activity spiked by 70% during Black Friday compared to regular shopping days, with similar trends observed on Cyber Monday. (CoinLaw)
Phishing attacks, for instance, saw a significant increase during this period. (Zscaler)
For insurers, this period underscores the critical need to support policyholders in bolstering their cybersecurity measures. By offering tailored solutions and proactive guidance, insurers can play a pivotal role in mitigating cyber risks during this high-threat season.
The Cyber Monday Growth Story
Over the past decade, Cyber Monday has become a cornerstone of the holiday shopping season, consistently setting new records for online sales in the United States:
The Threat Landscape
Understanding the Cyber Threat Landscape
The holiday shopping season, particularly Cyber Monday, sees a marked increase in cyber threats:
Phishing Scams: Fraudulent communications that trick individuals into revealing sensitive information. Millions of phishing attempts on Cyber Monday are recorded, targeting unsuspecting shoppers. (Zscaler)
Ransomware Attacks: Malicious software that encrypts data and demands payment for its release. Such attacks have risen by 74% between 2022 and 2023, with small businesses particularly vulnerable. (Forbes)
Fake Websites: These are deceptive sites that mimic legitimate retailers to steal personal and financial information. The FBI has warned consumers about a surge in fake shopping forums during the holiday season.
Proactive Measures Insurers Can Implement
To effectively support policyholders during Cyber Monday, insurers should consider the following strategies:
Develop Comprehensive Cyber Insurance Policies
Many small and medium-sized enterprises (SMEs) lack adequate cyber insurance coverage. For instance, only 21% of small businesses have standalone cyber insurance policies. (Federal Reserve Bank of Chicago)
Insurers can address this gap by offering policies that cover:
Data Breaches: Costs associated with notifying affected individuals, legal fees, and credit monitoring services.
Cyber Extortion: Expenses related to ransomware attacks, including ransom payments and system restoration.
Business Interruption: Loss of income due to cyber incidents disrupting operations. Insurers can provide essential protection against prevalent cyber threats by tailoring these policies to the specific needs of SMEs.
2. Provide Educational Resources
Many SMEs express concern about cyber risks but may lack the knowledge to address them effectively. (Sedgwick Experts)
Insurers can bridge this knowledge gap by offering:
Workshops and Webinars: Sessions on best practices for cybersecurity, such as recognizing phishing attempts 0and implementing strong passwords.
Guides and Checklists: Materials that outline steps to secure digital environments, including software updates and data backup procedures.
Regular Updates: Alerts about emerging cyber threats and how to mitigate them. Educating policyholders empowers them to take proactive steps in safeguarding their assets.
3. Offer Cybersecurity Tools and Services
Insurers can enhance the value of their policies by providing access to cybersecurity tools:
Risk Assessments: Evaluations identifying vulnerabilities within a business's IT infrastructure.
Monitoring Services: Continuous surveillance of suspicious activities or potential breaches.
Incident Response Support: Expert assistance in the event of a cyber incident to minimize damage and facilitate recovery.
By integrating these services, insurers protect their clients and reduce the likelihood of claims.
4. Implement Incentive Programs
Encouraging policyholders to adopt robust cybersecurity measures can be achieved through:
Premium Discounts: Offering reduced premiums for implementing multi-factor authentication or regular employee training.
Certification Programs: Recognizing businesses that meet specific cybersecurity standards, which can also serve as a marketing advantage.
Resource Allocation: Providing funds or resources to assist SMEs in enhancing their cybersecurity infrastructure.
Such incentives promote a culture of security and vigilance.
Conclusion
The digital age has transformed the insurance landscape, making cybersecurity an essential part of comprehensive coverage. Cyber Monday is a stark reminder of the vulnerabilities accompanying the convenience of online shopping. Insurers can step up, not just as claim handlers, but as proactive partners in building resilience.
By offering tailored products, education, and incentives, we can help policyholders navigate the risks of Cyber Monday while fostering a safer digital ecosystem.
Josh DeRocco is the Executive Vice President of SparrowHawk Group, specializing in innovative insurance solutions and technology.