When developing your security and data privacy strategies for the future, there are numerous vulnerabilities to consider. Here we run you through 4 common risks to keep in mind in 2018 and beyond with regard to your security and privacy regulations.

1. Emails

It’s easy to think of cybercriminals as tech-savvy geeks mastering a piece of code which can steal all your money, but the reality is often very different. Using nothing more than emails, many hackers pose as business contacts and company stakeholders in order to scam businesses out of money. For example, they may ask someone to pay an invoice while posing as a client. It’s predicted that these so-called BEC (Business Email Compromise) scams will cost companies more than $9 billion in 2018 alone, with the average BEC scam in 2017 stealing around $67,000.

2. IoT Attacks

IoT (internet of things) attacks were once used to create chaos and confusion, but more and more attackers are now using them to spread viruses and ransomware. The internet of things refers to devices which use the internet to communicate with one another, such as a modern car or your Amazon Echo. These devices are more vulnerable to attacks than regular computers or laptops, meaning that hackers are now trying to hack these “things” in order to steal sensitive data and use it to make/demand money.

3. GDPR

Unless you’ve lived in a cave for the past 6 months, you’ve probably heard of the General Data Protection Regulation, aka GDPR. Any company which conducts business of some sort in the EU (i.e. basically all large companies) has to comply with the GDPR guidelines regarding data security, although it is estimated that around 50% of companies still do not meet these standards. Companies who don’t comply could face fines of 20 million euros (around $24 million) or 4% of their global turnover, whichever is greater. Those are some seriously crippling fines, so it’s best to make sure that you’re complying ASAP.

4. Cryptojacking

Some hackers are now using unsuspecting companies’ processing power in order to mine cryptocurrencies such as Bitcoin and Ethereum. This is known as “cryptojacking”, and it essentially means that your company’s websites/networks are being slowed down so that a hacker can make money off of your processing power. Although it’s arguably less dire than some other cybercrimes, it still slows down your networks and sees you losing money as you look for solutions.

Going further and further into the digital age, it’s more important than ever to safeguard your company and your customers from digital attacks. Arming yourself with cutting-edge anti-virus software (among other precautions) is a good idea, but many criminals acquire your funds and data by simply tricking staff members, such as with the email scams mentioned earlier. Systematic training and precautions are the best way to ensure your security, in addition to regular penetration testing.

Looking for insurance which covers you in the event of a cyber attack? Talk to a member of our dedicated insurance team today and find out more.

stephanie