Alan Dainty, Cyber Risk Director at Thomas Miller Specialty, answers this common question.

'It seems barely a week passes now without news breaking of the latest Cyber incident. Some are targeted attacks in the form of Phishing (attempts by email to get users to click on attachments or links to break through IT security), Ransomware (malicious software that deletes or denies you access to your computer files unless a ransom is paid) or Data Breach (theft or accidental disclosure of customer or employee details).

The ones that don't make the news are the apparently more mundane Network Outages (IT system downtime), often only caused by technical issues or operational error.

The impact on the business affected by any of these events is often the same; immediate financial loss through the cost of managing and resolving the incident plus loss of income due to business interruption. In the case of a data breach, regulatory fines and penalties may also be imposed.

Company Boards of Directors are starting to appreciate that longer-term monetary loss because of a Cyber incident can also extend beyond these immediate financial consequences. Customers can also be affected; they lose confidence in your business and decide you are not someone they trust and so take their custom elsewhere. According to a KPMG report 86% of business partners would consider removing a breached supplier from their supply chain in order to protect their own business.

IT system interruption statistics show it's 'when' not 'if' a Cyber incident will occur.  Basic Cyber security precautions can help protect every business and reduce the Cyber threat risk. Cyber Essentials is a UK government-backed cyber security certification scheme that sets out a baseline of cyber security suitable for all organisations in any jurisdiction. The scheme's five security controls can prevent "around 80% of cyber-attacks". If you want to take things further the information security standard, ISO 27001, demonstrates to existing and potential customers that an organisation has defined and put in place best-practice information security processes.

Thomas Miller Specialty has relationships with trusted partners who provide a range of Cyber Security Resources: staff awareness, training, bespoke consultancy and assistance with gaining accreditation.'

Cyber Risk insurance is also becoming a priority insurance spend as companies seek financial help and guidance in managing their cyber risk exposure. Thomas Miller Specialty has both cyber and e-crime products available to buyers and brokers, on a worldwide basis; again, details of these  are provided on their website including application (proposal) forms: thomasmillerspecialty.com