Crawford's cyberattack prevention and response tips

"These types of threats require detailed modelling"

Crawford's cyberattack prevention and response tips

Cyber

By Daniel Wood

This week the federal government announced a new agency to fight cyberattacks: the National Office for Cyber Security. Meanwhile, Prime Minister Anthony Albanese hosted a cyber security roundtable in Sydney to help inform the Government’s 2023-2030 Australian Cyber Security Strategy.

In the wake of last year’s cyberattacks on Optus and Medibank, insurance companies and brokers continue to grapple with how best to deal with the cyber threat.

Crawford is one of the world’s largest claims management providers and has a Global Technical Services (GTS) group specialising in response and mitigation of cyber-related events.

What can insurers and brokers do?

The firm sent information to Insurance Business revealing the scope of the current cyber threats against Australia, including ransomware and distributed denial of service (DDoS) attacks. There’s also a rise, Crawford said, in cases where hackers have inadvertently knocked out segments of the IT infrastructure as they cross networks to access personal and commercially sensitive data.

The Crawford brief said companies are now faced with the prospect of the hacking of industrial control systems and automated production lines.

“These types of threats require detailed modelling and scenario planning, where the focus is on protecting against operational risk and attributable financial and reputational implications,” said Tim Jarman (pictured above), president of Crawford Australia.

Once an attack happens, Jarman said, the insurer’s immediate task is supporting, validating and assisting the insured to manage the situation. This includes, he said, making sure the customer deploys mitigating protocols that minimise disruption to the services or the manufacture of products.

“Companies ought to be treating cyberattacks as though they are inevitable,” said Jarman. “As such, cyber insurance has become a must-have purchase for businesses. Then, if the worst happens, the next must-have purchase is expert-led incident response services.”

He said the approach to preventing and responding to a cyberattack should be comparable to current accepted industry practices towards casualty and property threats.

“Just like we would expect on a significant property or casualty nomination, the adjuster, broker and insurer should work together pre-loss to build relationships, capture information and document procedure,” said Jarman. “This, again, is of huge benefit in the event of a cyberattack and helps ensure effective response, continuity of approach and customer value.”

The Crawford president offered some cyber tips for brokers and businesses.

Cyberattacks - Don’t underestimate preparation

Jarman said the mindset around cyberattacks in Australia is typically the hope that one doesn’t happen.

“The thinking needs to pivot so businesses are actively looking at what steps they can implement today to mitigate the extent of the impact,” he said. “Preparation is key, we frequently find that the most successful responses to cyberattacks come from businesses that have pre-existing systems and strategies in place to mitigate the impact.”

Cyberattacks - Quick identification

Jarman said, according to his firm’s experience, “the overwhelming feedback” from cyberattacks is that there were early indications of an attack.

“Outlook accounts misbehaving, unexplained systems or applications being down, server issues, firewall notifications, permission changes, files all of a sudden being inaccessible,” he said. “When these indicators rear their head, it is always advisable to err on the side of caution and decide on next steps as though you are dealing with a worst case scenario.”

Cyberattacks - Time is of the essence

“No matter how secure an IT environment might be, there is always the potential for compromise,” said Jarman. “When an incident occurs, you don’t want to lose any time containing the situation.”

He said a risk and mitigation team should swing into action immediately.

Last week, CFC Underwriting, the London-headquartered cyber insurance agency with a significant presence in Australia, hosted a webinar for local brokers. More than 2,000 brokers signed up to attend, a record number according to presenter Lindsey Nelson, the agency’s cyber development lead.

Nelson quoted data, based on financial reports and discussions with brokers, indicating that as few as 10% of Australian businesses actually have cyber insurance, despite the fact that these attacks, she said, are their “absolute largest exposure as a business.”

“So we, as a market, have a responsibility to change that,” said Nelson.

Other CFC data presented by Nelson showed that cyberattacks across the world have generally been going down in recent years – even taking into account the war in Ukraine. However, one exception to this trend is Australia, where attacks are still on the up.

What are your cyber tips? Please tell us below.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!