There can be little doubt that recruitment businesses and umbrella companies are an excellent target for cyber criminals. The sheer amount of valuable data held on candidates and Limited company clients is an attractive proposition to a cyber-criminal. And with a number of cases being highlighted in the press this year, it doesn’t take much to evidence the impact of such attacks, both upon finances and reputation.
The main method cyber criminals are using in these attacks is ransomware, resulting in essential data being encrypted and only potentially being released on payment of a large sum.1 The ransomware is often installed via phishing emails sent to staff. Unfortunately, companies are not guaranteed to see their data returned, even after making a payment. In fact, cyber criminals can go on to make further inflated payment demands.
Worryingly, 78% of UK businesses were subjected to ransomware attacks in 2021, and a staggering 82% paid the ransom to try and restore access to their data.2
Preventing cyber-crime in your umbrella and recruitment company
The greatest investment companies can now make is to ensure that they engage the highest level of cyber security, with data stored off site and multi-factor authentication required of everyone who can access the site. Consider bringing in a cyber security specialist to review your infrastructure weaknesses and train your staff on what they need to be wary of whilst working.
Cyber liability insurance is now one of the most essential elements of your insurance program – both for risk management services and post claim support, as well as ensuring that you have adequate cover for all of the costs incurred following an attack. Work with your insurance broker to determine your indemnity levels as cyber claims costs can reach figures much higher than you may think.
Another factor in preventing cyber-attacks is preventing human error with thorough and frequent cyber awareness training for all employees. It may surprise you that 95% of cyber-attacks occur due to human error, meaning if we eliminated human error, 19 out of 20 attacks would fail.3
What to do if you do suffer a cyber-attack?
If you are unfortunate enough to be subjected to an attack, you need to be ready to take the right action, both immediately and afterwards, to ensure your company can bounce back as quickly as possible. Consider the following steps to help manage the situation:
- Identify the extent of the breach – what and how much data is at stake?
- Take immediate action and call upon your business continuity plan.
- Contact your insurer if you are covered for cyber insurance and report the claim immediately; they can advise you on further steps.
- Ensure you notify your supervisory authority within 72 hours, and provide as much information on the attack as possible.
- Investigate whether the breach needs to be reported – meaning does the breach affect the data subjects’ rights and freedoms? GDPR requires you to keep a record of any breach regardless of whether it needs to be reported.
The initial costs of unlocking and rebuilding the site and reconstituting the data are only a part of the potential losses. Your loss of reputation amongst your clients needs to be managed to prevent loss of business.
In the event that your clients’ records start to appear on the dark web, this can also create huge potential claims from clients/data subjects, who will blame you for not protecting their information. Legal costs alone for each data subject claim could approach £1,500, and that isn’t including any potential damages awarded.
Our key takeaways
- Do not try to pay the ransom demand, as insurers (if you are insured) may not agree with the amount, or process, leaving policyholders unable to recover their losses. You also run the risk of not getting data back even if you choose to pay.
- Do not incur any costs without the approval of insurers as their technical service support team may approach the claim differently, and allow you to recover all the costs incurred.
- Do not rely solely on the fact that you may have your data stored in the cloud. Consider what would happen if the third-party storage company was attacked.
- Carry out a full risk assessment to see what your total exposure is.
- Your employees are a source of vulnerability to cyber-attacks; ensure they are fully trained.
- Ensure your indemnity levels are fit for purpose to avoid underinsurance in the event of a claim.
- Notify insurers as soon as you become aware of an attack – do not engage with the cyber criminals directly.
- Let insurer first responders take over the running of the claim to ensure all costs are met by the insurer.
- If you haven’t already arranged cyber insurance, speak to your broker; the costs to your business without it could leave you unable to recover.