
17 London borough councils (52 percent) report that despite news of increased ransomware attacks, they do not have a cyber insurance policy in place
A Freedom of Information (FoI) request by ProLion has revealed that 17 (52 percent) of London’s borough councils do not have a cyber insurance policy in place to provide support in the event they suffer a cyber attack on their IT systems.
ProLion sent the FoI request to each of London’s 32 borough councils plus the City of London in December 2021. Five councils (17 percent) refused to say whether or not they have in place a cyber insurance policy, citing Section 31 of the Freedom of Information Act which exempts the disclosure of information that could ‘prejudice the prevention or detection of crime’.
One council responded to say that the disclosure of information related to cyber insurance could lead to an increased risk by encouraging an attack. Others said that disclosure of such information would give cybercriminals insight into possible vulnerabilities, or embolden them to attack those most at risk.
Eight borough councils (24 percent) were ambiguous or unclear in their response to the FoI request. Three borough councils did not respond to the request at all.
Steve Arlin, VP Sales, UK, Americas & APAC, ProLion, stated, “Ransomware attacks have continued to rapidly grow both in frequency and sophistication. The situation demanded action a long time ago, and the issue is now so large that businesses can’t afford to be reactive in their approach to cybersecurity.”
Organisations of all sizes and sectors are viable targets for opportunistic cybercriminals but the public sector is likely to hold more sensitive data, including Council Tax, medical records, and financial information. This might explain why they are a preferred target and more likely to pay any ransom demands.
“Ransomware brings with it a risk of reputational damage, productivity losses, and of course the cost of paying the ransom. But for an organisation such as a borough council, the risk of large volumes of sensitive personal data falling into the wrong hands means that it could face huge UK GDPR related fines as a result.
“Furthermore, the rise in staff working from home remotely means there are new risks to consider. If not managed correctly, remote working can open the door to an insider threat. It only takes one click by an employee to infect an entire network.
“We would advise all organisations to bolster their defences with several layers of protection, and with multiple mitigations at each layer. It’s also wise to invest in the latest file protection solutions, as these can automatically block known ransomware signatures and files that have not been approved, while simultaneously monitoring users for any unusual behaviour. This is a vital final layer of cyber defence if all other security solutions fail.”
The research also provided insights on councils’ approach to cybersecurity. Responding to the freedom of information request, a representative for one council explained, “We have discovered the cyber insurance market remains very challenging and therefore difficult to obtain competitive quotations, we are currently looking at both insurance and a cyber consultancy review, including self-assessments as a solution to our cyber risks.”
Arlin continued, “It’s no secret that a rise in ransomware attacks has brought on an increase in the price of cyber insurance in recent years. In fact, Sophos’ 2021 Guide to Cyber Insurance revealed that the average cost of cyber insurance has increased by 32 percent. The cyber insurance market is evolving at an extraordinary speed to keep pace with the growing volume and developing sophistication of attacks.”
Go to www.prolion.com for more information
Fachartikel

ChatGPT bei der Arbeit nutzen? Nicht immer eine gute Idee

Das Aktualisieren von Software-Agenten als wichtige Praktik der Cyberhygiene auf MSP-Seite

Kosteneinsparungen und Optimierung der Cloud-Ressourcen in AWS

CVE-2023-23397: Der Benachrichtigungston, den Sie nicht hören wollen

Wie sich kleine und mittlere Unternehmen proaktiv gegen Ransomware-Angriffe wappnen
Studien

Studie zeigt 193 Millionen Malware-Angriffe auf Mobilgeräte von Verbrauchern im EMEA-Raum

2023 State of the Cloud Report

Trotz angespannter Wirtschaftslage: die Security-Budgets steigen, doch der IT-Fachkräftemangel bleibt größte Hürde bei Erreichung von Security-Zielen

BSI-Studie: Viele Software-Produkte für Onlineshops sind unsicher

Wie Cloud-Technologie die Versicherungsbranche revolutioniert
Whitepaper

Aufkommende Trends in der externen Cyberabwehr

Cyber-Sicherheit für das Management – Handbuch erhöht Sicherheitsniveau von Unternehmen

Aktueller Datenschutzbericht: Risiko XXL am Horizont

Vertrauen in die Lieferkette durch Cyber-Resilienz aufbauen

TXOne Networks und Frost & Sullivan veröffentlichen Jahresbericht 2022 über aktuelle Cyberbedrohungen im OT-Bereich
Unter4Ohren

Optimierung der Cloud-Ressourcen und Kosteneinsparungen in AWS

DDoS – der stille Killer

Continuous Adaptive Trust – mehr Sicherheit und gleichzeitig weniger mühsame Interaktionen

Datenschutz und -kontrolle in jeder beliebigen Cloud bei gleichzeitiger Kostensenkung, Reduzierung der Komplexität, Verbesserung der Datenverfügbarkeit und Ausfallsicherheit
