The frequency and extent of the impact of cyber attacks on businesses and public bodies have been experiencing a strong growth trend on a global scale for some time. As if that were not enough, the gravity of this scenario is amplified by the historical underestimation, particularly by Italian companies, of the need to adopt structural initiatives for the prevention and management of cyber risk. This fact prevented the implementation of adequate protection measures.
The importance of planning and prevention
The results of the Clusit 2022 report (Italian Association for IT Security) return a rather critical image on the cyber security front for Italy and Europe. The report recorded an increase in cyber attacks of 10% in the last year compared to the previous period, reaching one monthly average of 171 attacksthe highest value ever recorded.
What makes the picture more worrying, however, is the increase in the severity of these attacks, i.e. the effect they are able to generate on the operations of their targets. Attacks with an impact assessed as «high» were in fact equal to 79% of the total, compared to 50% the previous year.
In other words, the qualitative growth in aggression is perhaps even more worrying than the quantitative one, given the pervasiveness of the possible consequences.
Europe certainly remains a high-risk area, concentrating 21% of cyber attack cases, while in 2020 they represented 16%. In Italy the sectors most affected that leaves the financial/insurance and public administration sectors, which alone represent around 50% of cases. Immediately following we find the industrial sector, which now accounts for 18%.
Faced with this scenario, companies are called upon to urgently address all areas related to IT risk management. To do this effectively, it is necessary to start from a fundamental assumption: basically, cybersecurity is first and foremost an organizational problem, rather than a technological one. The company must therefore set itself two main objectives:
- equip yourself with the technological tools necessary to reduce the possibility of a cyber attack (antivirus, equip yourself with an IT Disaster Recovery plan, constantly update software and applications, use multi-factor authentication, use the internet via a protected network, etc.);
- transfer the “residual risk” to the insurance market.
Why take out a Cyber Risk policy
Specifically, cyber policies cover direct damages (such as data loss) and indirect damages (for example: business interruption, loss of profit, recovery costs, etc.) as well as civil liabilities towards third parties (suppliers, customers) of whom the insured holds sensitive, critical, commercial information, which constitutes intellectual or personal property, «protected» under the terms of the relevant laws.
Like the Lokky Cyber Risk Coveragewhich offers the insured the coverage of expenses and losses resulting from cyber attacks, as well as providing the intervention of an expert for the recovery of lost data and for decontamination from any malware. All services included in the Smart version, which has a maximum limit of up to €25 thousand. Lokky also presents a Top version of the policy which instead provides for an increase in the limit up to €250 thousand and the inclusion of numerous additional guarantees, including a daily allowance for business interruption and coverage of expenses for restoring the company image.
Accidents lurk around the corner, and the presence of an advanced insurance broker, capable of assisting and advising the company also in the management of the claim, can make the difference between the positive or negative performance of a business that has suffered a cyber attack.
latest posts published
Lokky, the Italian data driven insurtech for professionals and SMEs
An ally for cyber security: Load Balancing
Business Trend 2023 for SMEs, professionals and commercial activities
Occupational risks for pastry shops
How to read a pay slip
What are the most common cyber risks and how to protect yourself
Clinical Risk: What it is and What are the consequences
Commercial activities most affected by theft
October is European Cyber Security Month
