COVID-19, Remote Working and Cyber Attacks

April 10, 2020

Amid the economic crisis brought on by the COVID-19 pandemic, many small businesses are devoting most of their attention to finances — and with good reason. The disruption caused by the pandemic threatens their very existence.

So the questions insurance agents are hearing most often these days from small-business owners are:

  1. "Am I covered for business interruption caused by the coronavirus?" (It depends on the language in the policy.)

  2. "Am I eligible for PPP funding?" (See the conditions for the Payroll Protection Program on the coronavirus.gov website.)


But in the rush to secure funding to keep their operation running and their employees on the payroll, some businesses are paying too little attention to another potentially fatal risk: cyber attack.

With unprecedented numbers of people working remotely due to the pandemic and more business than ever being transacted online, cyber criminals are recognizing vulnerabilities and exploiting them.

As Alera Group notes in the recently released document Warning: Cyber Liability — Increase Risk with COVID-19:

"Experts are projecting a 30-40 percent increase in cyber attacks during the novel coronavirus pandemic. This is primarily due to hackers exploiting the vulnerabilities associated with this crisis, especially those arising from employees working from home. In situations such as these, companies need to reexamine their network security infrastructure and Cyber Liability Insurance program."

To view the full, single-page document, click on the image at right.

Productivity vs. Security


While seeking information on financial assistance and insurance coverage, business owners have another priority that may compromise their cyber security: keeping their remote workforce as productive as possible.

"What's happening on the cyber security side is that people's guards are down," Asaf Lifshitz, CEO of Massachusetts and Israel-based Sayata Labs, tells the publication Insurance Business America. “Cyber security almost always comes at some degree of conflict with productivity, and all of a sudden [as a result of the coronavirus] there’s this massive shortage of productivity. Companies need to be able to transact business, now that their employees are working from home and they’re already taking a hit.

“In times like these, IT managers have to make compromises. Ideally, we’d like our employees to log in via a VPN, or to conform to whatever standards we put in place before. Now, it’s much harder to enforce. If we insist on doing it, productivity will take a bigger hit, and so those constraints are relaxed a little bit — and that’s what I mean when I say guards are down from a pure cyber security perspective."

Zoom bombs, Slack attacks and other trending threats


The Conversation website explores the risks of using popular online collaboration tools such as Zoom and Slack in its piece Working from home risks online security and privacy— how to stay protected. The piece includes these risk management tips:
  • Be careful what you post publicly. Check that there is no potentially sensitive information in it. Once it’s published online, it’s there, forever.

  • Check recent security and privacy reports about online collaboration tools before using them, and if in doubt, consult your employer. These tools can have access to details about your devices, your data and your video and audio conversations. The Electronic Frontier Foundation is a good source.

  • Protect your devices. Install anti-virus software, update systems and apps, implement multi-factor authentication (so that multiple pieces of evidence are needed for someone to use your login, such as username and password and a text message), and be on the lookout for phishing scams.

  • Zoom Bombing and other forms of hijacking meetings can be prevented. Share meeting links with only invited partiesConfigure Zoom to only allow the host to share screen, as appropriate. And disable file transfers to stop trolls sharing viruses to all attendees.

The importance of cyber insurance


While good risk management is always advisable, it's also true that cyber breaches are inevitable. As I've written before, "Because no business is immune to cybercrime, it stands to reason that every business should protect itself with cyber insurance. Competitive pricing among the broad array of carriers offering coverage further contributes to the value of a cyber policy."

For more information on cyber insurance, see the Alera Group flier. And if you'd like to know more about how cyber insurance can protect your business, contact us at info@aleragroup.com to be connected with an expert.

 

About the Author:

Andrew Armstrong
Partner/Account Executive
Sylvia Group, an Alera Group Company

The fourth generation in his family to provide clients with custom-designed solutions to risk-mitigation challenges, Andrew Armstrong carries on the Sylvia Group tradition of service to his clients and community. A Certified Commercial Lines Professional (CCLP), he makes sure that no detail related to a business' insurance needs goes overlooked. Through an open discussion of their needs and budget, he works with clients to design coverage programs in a collaborative process that leaves them feeling better for the experience.

The information provided in this alert is not, is not intended to be, and shall not be construed to be, either the provision of legal advice or an offer to provide legal services, nor does it necessarily reflect the opinions of the firm, our lawyers or our clients. This is not legal advice. No client-lawyer relationship between you and our lawyers is or may be created by your use of this information. Rather, the content is intended as a general overview of the subject matter covered. Barrow Weatherhead Lent LLP is not obligated to provide updates on the information presented herein. Those reading this alert are encouraged to seek direct counsel on legal questions. © 2023 Barrow Weatherhead Lent LLP. All Rights Reserved.

About Alera Group 

Alera Group is an independent, national insurance and wealth services firm with more than $1.1 billion in annual revenue, offering comprehensive employee benefits, property and casualty insurance, retirement plan services and wealth services solutions to clients nationwide. By working collaboratively across specialties and geographies, Alera Group’s team of more than 4,000 professionals in more than 180 locations provides creative, competitive services that help ensure a client’s business and personal success. For more information, visit https://aleragroup.com/ or follow us on LinkedIn.