In accordance with the latest UK government guidelines, all RMP colleagues are now working from home until further notice. Despite not being able to meet with you in person, we are very much open for business and you can reach all our teams by phone, email or social media as we continue our mission to deliver the best service possible for you and all of our clients.
Thank you for your understanding and support as we do our bit to help mitigate the risks associated with COVID-19 in these extraordinary times.
Take care and stay safe from all at RMP

rmp-logormp-logormp-logormp-logo
  • Why RMP
  • Who we work with
  • Resources
  • Insights
  • People
  • Get in touch
  • RMP Europe
Published by Risk Management Partners on August 27, 2020
Categories
  • Education
  • Fire
  • Local government
  • Police
  • Resources
  • Risk Control
  • Third sector
Tags

Cyber risk at a glance

Home > Cyber risk at a glance
  • The scale and frequency of cyber-attacks in the UK is increasing year on year
  • In 2019 local authorities suffered over 250m cyber-attacks in a 6-month period1
  • Currently, there is insufficient knowledge about what cyber products cover
  • Exposure to cyber risk can cause business interruption, income loss, damage management and repair, possible reputational damage and may not be covered by insurance
  • Traditional insurance policies are designed to cover tangible assets
  • They are not designed to cover intangible assets or any consequential losses that arise
  • For example, public liability will not cover non-physical damage to a third party caused by data theft.

Do you really need cyber insurance?

There can be little doubt that the frequency and severity of cyber-attacks in the UK remains a major concern. According to the UK Government’s Cyber Security Breaches Survey 20202, almost half of businesses (46%) and a quarter of charities (26%) report having cyber security breaches or attacks in the last 12 months. Like previous years, this is higher among medium businesses (68%), large businesses (75%) and high-income charities (57%)

The picture for local authorities in the UK is just as concerning. According to 2018 research3 based on Freedom of Information requests, over the past five years there have been 376 cyber security incidents – cases where there has been actual breach – and this has affected more than a quarter of councils.

The investigation revealed that 25 councils experienced one or more cyber security incidents resulting in the loss or breach of data.

The analysis also found that cyber-attacks on local authorities most commonly involve viruses and other malicious software, or phishing, where the perpetrator attempts to obtain sensitive information such as passwords.

Then of course, there are the ramifications that exposure to these risks can cause, such as business interruption, income loss, damage management and repair, and the possibility of reputational damage if IT equipment or systems fail or are interrupted.

Coverage uncertainty

Unfortunately, there can be a degree of uncertainly for risk managers as to what exactly their current insurance policies provide in terms of coverage. Specifically, whether you would be covered in the event of a cyber-attack on your organisation. And this remains a UK-wide issue. According to the Cyber Breaches survey, the charity findings show a rising of incidence, from 19% in 2018 (when charities were first surveyed) and 22% in 2019, to 26% in 20204.

Historically, from an insurance perspective, we have tended to look at coverage initially from the point of view of tangible assets, such as physical buildings, plants and machinery, with available extensions in the form of business interruption cover for loss of revenue.

And yet, the world is changing. Whereas historically, and rightly, a company or public authority’s focus would have been on its physical assets, in the 21st century there can be little argument that intangible assets – your information, your data, and your intellectual property – are just as important.

As we know, cyber-attacks can target any form of electronic information, so we are clearly not in the realm of tangible assets. Instead we are looking at a variety of scenarios, including loss or damage to data or software programmes; business interruption losses as a result of network downtime; or even cyber & data extortion demands where third parties threaten to damage or release data if money is not paid to them. We have moved from a tangible to an intangible risk.

For example, a party could hack into your computer systems and cause extensive damage, but if you haven’t taken out cyber insurance then you will not necessarily be covered for the consequences of such an attack. It is vital to ensure that your intangible assets are insured, but the good news is that cyber insurance market is developing to plug that gap.

What about public liability?

You might think that your public liability (PL) insurance will insure you for the consequences of a cyber-attack, but PL in the traditional sense covers bodily injury or physical damage to a third party. From a cyber perspective, if something from a local authority causes non-physical damage to a third party, that will not be covered. In some respects, cyber insurance at the moment is like the directors & officers’ liability market was some years ago, with limited knowledge about what the product covers and why it is so important. And yet, with the scale and regularity of cyber-attacks in the UK increasing year on year, it is vital that you review the adequacy of your existing insurance and determine whether that will cover you in the event of an attack on your authority.

Source

1. https://www.teiss.co.uk/local-councils-cyber-attacks-risk/

2. https://www.gov.uk/government/publications/cyber-security-breaches-survey-2020/cyber-security- breaches-survey-2020

3. https://bigbrotherwatch.org.uk/all-media/local-authorities-face-19-million-cyber-attacks-a-year- investigation-reveals/

4. https://www.gov.uk/government/publications/cyber-security-breaches-survey-2020/cyber-security- breaches-survey-202

How can we help you?

For more advice on how we can help lower the cost of your risk, please email contact@rmpartners.co.uk

Unsubscribe

You can opt out of marketing communications at any time by contacting us.

Download Resource

Cyber Risk at Glance

Related Resources

Free Running...

Security – Intruder Alarms...

Tree root claims...

Aggregate stop loss protection...

Flammable Liquids...

Risk Assessment – Suitable and Sufficient...

Maintaining Health and Wellbeing during COVID-19...

IOSH Managing Safely Virtual Courses – May &...

Essentials of Enterprise Risk Management – IRM Ac...

IOSH Safety for Executives & Directors (SfED) Virt...

IOSH Managing Safely Virtual Courses – February &...

Ice on the Road...

Blue Light Trauma Awareness and Management...

Competency of Structures Inspectors...

Bite Size Virtual Training Programme – EL & ...

Volunteers – Risk Management Guidance...

Bite Size Virtual Training Programme – Casualty R...

Bite Size Virtual Training Programme – Fleet ...

COVID-19 Risk Management Checklist – Offices...

COVID-19 Risk Assessment Guidance – Offices...

Lanyards While Driving...

Fraud...

Risk Control Refuse Booklet...

Arson Control...

COVID-19 – Returning to the Workplace...

COVID-19 Risk Management Checklist – Working in or from...

COVID-19 – Returning to the Workplace – Leg...

COVID-19 Risk Management Guidance – Education Settings...

Managing Risks associated with Swimming Pools in Educat...

Firework Risk Management Questionnaire...

Cycling to and at work...

Managing risks associated with online vehicle booking s...

The Ups and Downs of Trampoline Parks...

County Lines Drug Running...

Sandwich Panels...

Personal Protective Equipment (PPE)...

Risks in Outsourcing...

Redeployment during COVID19...

W-8BEN-E – FATCA AIG Europe Limited...

Ergonomics and Display Screen Equipment Use...

E-Scooters...

Portable and Transportable Space Heaters...

RMP Tenders – Information Required for Quotations...

Stress...

Police Motor Fleets...

Metal Halide Lighting...

Home Food Preparation for Schools...

FM-200...

Suspension of Driver CPC Training...

Private Fire Hydrants...

Inergen...

Stress Risk Management for Emergency Services...

Managing Drivers with Diabetes...

Ash Dieback...

Stress Risk Management...

Managing Risks associated with Grey Fleet Vehicles...

Play – The Universal Language of Children...

Homeworking...

Skateparks – A Guide for Local Authorities...

Well Managed Highways Infrastructure Code of Practice...

W-8BEN-E – Underwriters at Lloyd’s London...

W-8IMY – FATCA Risk Management Partners Limited...

Dementia Awareness for Managers of Drivers...

Children and young people within a Blue Light workplace...

Electrical Fires – fixed electrical installations...

W-8BEN-E – FATCA MS Amlin AG...

Cyber Attacks...

Highways Competency Framework...

Automated & Electric Vehicles Briefing 2020...

Keyless Vehicle Entry Systems – Relay Theft...

Argonite...

Fire Safety – Flammable Gases...

Winter Weather Precautions...

Security – Metal Theft...

Managing Risks associated with Hand Arm Vibration Syndr...

Smoking in the workplace...

Control of Contractors...

Electrical Fires – Portable Electrical Appliances...

W-8BEN-E – FATCA HSB Engineering Insurance Limite...

FISP Permit...

Fireworks – Planning a safe display...

Novec 1230...

W-8BEN-E – FATCA Ecclesiastical Insurance Office ...

W-8BEN-E – FATCA Mitsui Sumitomo Insurance Compan...

Risk Management Health Check...

Unwanted Fire Signals...

Kitchen Fires...

Broker Bulletin No. 3 – Insurance Act 2015...

Security – Manned Guarding Services...

W-8BEN-E – FATCA Starr International (Europe) Lim...

Broker Bulletin No. 5 – Employees Own Vehicles &#...

Fire Brigade Strike...

The viability of care homes...

Motor Vehicle Insurance – Use by volunteers of th...

Claims Handlers (Auditing)...

Broker Bulletin No. 13 – Regional Adoption Agenci...

Security – CCTV...

Broker Bulletin No. 1 – Defibrillators...

Freezers and Fridges...

Inflatable Structures...

Misfuelling a Vehicle...

Highways – Responding to the Crisis...

Unstaffed Extended Opening Hours...

Security – Understanding the Risk...

Heating up our Highways...

Children’s Trusts...

W-8BEN-E – FATCA QBE Insurance (Europe) Limited...

Unoccupied Premises...

Fork-Lift Trucks...

Hot Work – Understanding the Risks...

Waste Collection and Culture Risk Management...

Risk Management for Public Events...

Cyber Risk Healthcheck...

Broker Bulletin No. 4 – Contract Works Cover ...

Drones and Unmanned Aerial Vehicles...

Project Planning...

Proper Footwear for the Job...

Combined Liability – Decision Tree and Treatment ...

How an underwriter sets a premium...

Broker Bulletin No. 8 – Police Risks – Dete...

Contract Works Insurance...

Green Matters...

Sprinkler Impairments...

Broker Bulletin No. 2 – Local Pension Boards ...

Gaseous Fire Suppression System...

Time for a Check Up...

Environmental Risk Management...

Storage Fires...

Automatic Sprinklers...

Preventing slips on snow and ice...

Thermography...

Authority Business – Using Your Own Vehicle...

Civil Unrest...

Modular Construction on Educational Sites...

How to complete your renewal questionnaire...

Refuse Collection Operations Risk Management – Safety C...

Automatic Fire Detection...

Inland Open Water – Risk Management Guidance...

Lightning Protection...

Controlling the casualty risks associated with unmanned...

Broker Bulletin No. 7 – POLICE Risks – Memo...

Storage of Hazardous Substances in Educational Establis...

Broker Bulletin No. 9 – Police Risks – Nati...

Security – Money...

Allergies & Risk of Anaphylaxis in Schools...

Broker Bulletin No. 11 – New PL & EL Policy ...

Transient Overvoltage Protection...

Security – Computer Equipment Protection...

Shared Services – where are we now...

Small events risk management...

Housing Fire Risk Management...

Preventing & Controlling Unauthorised Access to Ro...

Automatic Sprinkler Systems – Winter Precautions...

Arson Control...

Social Media & Social Responsibility – Highe...

Security – Physical Protections...

Legionella – Risk Controls...

Broker Bulletin No. 12 – RMP launches new Terrori...

Social Media & Social Responsibility...

Tree Safety – Managing the Risks...

Sign up to receive the latest from rmp

You can opt out of marketing communications at any time by contacting us

Sign up to receive the latest from RMP

Short Form Privacy Notice

Risk Management Partners Limited is the data controller of any personal information you provide to us or personal information that has been provided to us by a third party. We collect and process information about you in order to arrange insurance policies and to process claims. Your information is also used for business purposes such as fraud prevention and detection and financial management. This may involve sharing your information with third parties such as insurers, reinsurers, other brokers, claims handlers, loss adjusters, credit reference agencies, service providers, professional advisors, our regulators, police and government agencies or fraud prevention agencies.

We may record telephone calls to help us monitor and improve the service we provide. For further information on how your information is used and your rights in relation to your information please see our privacy notice at https://rmpartners.co.uk/privacy-policy. If you are providing personal data of another individual to us, you must tell them you are providing their information to us and show them a copy of this notice.

You can opt out of marketing communications at any time by contacting us

RMP

  • Classes of insurance
  • Resources
  • Why RMP
  • Insights
  • Get in touch

Sectors

  • Local government
  • Police
  • Fire services
  • Education institutions

Legal

  • Complaints
  • UK Privacy Notice
  • EEA Privacy Notice
  • Cookie policy
  • Terms and conditions
  • Lloyd’s Brexit Transfer

Follow Us

  • LinkedIn
  • Twitter

© Risk Management Partners Ltd All rights reserved. Authorised and regulated by the Financial Conduct Authority number 313119. Registered in England number 2989025. The Walbrook Building, 25 Walbrook, London, EC4N 8AW