Andy Beven, liability & cyber underwriting manager at NZI, breaks down common cyber security myths that could be holding businesses back. 

Many business owners are unaware of the growing threat of cyber-attacks and are uncertain when it comes to setting up their own cyber security processes, leaving them vulnerable to an attack. 

As a result, a lot of businesses are vulnerable to unidentified dangers that could have significant effects. By not putting the right precautions in place, they can be risking their finances, sensitive data, and reputation.

Year on year, the national Computer Emergency Response Team, CERT NZ, has been recording higher numbers of cybercrime. Broken down, the data reveals a 13% increase in reported cybercrime and a direct financial loss of almost $17m in 2021.

As it becomes more important for businesses to be prepared and protected, let’s consider some of the common misconceptions that are possibly holding them back.

Myth #1: Most businesses don’t need cyber insurance

Cyber criminals aren’t usually targeting individual businesses – it’s a very opportunistic type of crime with millions of emails sent and attackers hoping some will be clicked on. 

Myth #2: It’ll never happen to me

Nowadays, most (if not all) businesses rely on technology in some form or another. Even something that may sound as simple as sending out an invoice from a work email or storing data in the cloud carries a potential cyber risk.

Myth #3: Cyber-attacks don’t result in much loss

A cyber incident can be a costly event, running into the tens of thousands of dollars. It can be scary, time consuming, put businesses into panic mode, place their reputations on the line and also impact their customers.

Myth #4: Cyber incidents are few and far between

There were almost nine thousand cyber incidents reported to CERT NZ last year, and the numbers continue to rise. Scams and fraud accounted for almost $12 million of the total financial loss reported. 

Myth #5: Once a cyber-attack has happened, there’s not much that can be done

A key factor during a cyber-attack is time – the way a business responds during the early minutes and hours can dictate how it will play out. For businesses insured with NZI, early notification is essential. Our expert team will then begin the investigation and engage with a panel of forensic experts to get systems up and running quickly.

Myth #6: There is no way to prevent a cyber attack

There are a number of ways businesses can protect themselves, one of them is NZI’s UpGuard tool, which analyses a company’s cyber security. This can help businesses better understand their cyber risks, and identify any vulnerabilities in their security. 

March 2023