Half of the organisations in attendance at an interactive cyber business seminar in Belfast revealed they have suffered a data breach.
At the event co-hosted by Grant Thornton, Willis Insurance and Risk Management and Cleaver Fulton Rankin, almost one-fifth of the audience also admitted that they do not know exactly what cyber insurance is.
Taking place at Grant Thornton’s city centre office and attended by representatives from the local private and public sector, a poll of the delegates revealed that a majority of firms in attendance have an incident response plan in place, with most stating they already have cyber insurance.
The seminar was opened by Richard Gillan, Managing Partner of Grant Thornton NI, with Andrew Harbison, Digital Forensics Director at Grant Thornton and the most experienced computer forensics investigator in private practice in Ireland, advising on how to manage through a cyber-crisis.
Michael King, Director at Cleaver Fulton Rankin and qualified Data Protection practitioner, looked at the legal aspect of a cyber-breach, with Richard Willis, Managing Director at Willis Insurance and Risk Management, examining the insurance elements. .
In opening the seminar Richard Gillan of Grant Thornton noted:
“Grant Thornton has enjoyed significant growth in recent years and a factor in that has been the opening in Belfast last year of our new Forensics and Investigation Services Unit, which provides the full spectrum of forensics and cyber-security services to new and existing clients.”
Speaking at the event, Andrew Harbison, Director at Grant Thornton, then outlined the potential problems:
“Any type of cyber incident can damage a firm’s reputation, disrupt operations and ultimately result in losses.
“Unfortunately, everyone and every business is vulnerable. Cyber criminals want your information and are becoming more and more innovative with the methods used to get the desired details.
“By the time a cyber incident is discovered it is likely the hackers have already been in the system for an extended period.
“Once the breach is exposed, the next steps will be critical to the organisation’s reputation and future. Implementing a proactive Incident Response Plan can prevent such situations from escalating.
“Businesses, and indeed individuals, have a responsibility to devise a strategy that will protect their systems and develop a structured approach to security and processes that will prevent a cyber incident occurring in the first place.”
Michael King, of Cleaver Fulton Rankin’s dispute resolution team, is an experienced commercial litigator who specialises in intellectual property and regularly advises clients on data and security issues. He told the seminar:
“More and more of my time as an intellectual property lawyer is spent dealing with forensic issues.
“One myth is that because a hacker has your information, there is no liability. Although the hacker may not be traceable, other parties can be liable through negligence and breach of contract or contributory negligence of the intended recipient of the funds. If a business fails to store data correctly, it is not compliant with the Data Protection Act.
“If your business falls victim to cybercrime, it is important that law and insurance partners are contacted as soon as the incident is realised. The problem will not go away on its own, in fact it will only get worse, which is why it is necessary to address it immediately and seek the relevant, professional advice.”
Willis Insurance and Risk Management is a first responder to cyber risk and offers in-depth and insightful advice on cyber insurance and non-insurance risk management strategies. Speaking at the event, Richard Willis, Director at Willis Insurance and Risk Management, said:
“This is the biggest item on the agenda of insurers and it is not a large outlay for businesses.
“Generally, approximately 50% of businesses think they have cyber insurance cover, which isn’t the case, and, as this morning’s poll revealed, there’s actually a large number of people who don’t know what cyber insurance is.
“Cyber insurance will cover IT, forensics, legal advice, credit and identity monitoring costs. Cybercrime is happening locally and if businesses haven’t suffered a breach already, they could be leaving themselves extremely exposed to what is now a very likely possibility.
“It’s vital that local businesses and public sector organisations alike fully realise that cybercrime is real and is very much on the rise. Let someone who is an expert in this field manage your cyber risks and take a proactive approach to the issue rather than waiting for it to happen.”