The Chubb Cyber IndexSM indicates that cyber incidents affecting public entities have tripled over the past three years. With an increasing number of cyber attacks taking their toll—and their targets ranging from large metropolitan cities like Atlanta to smaller communities like Borger, Texas,—it is clear that every city in America is vulnerable to these cyber events and should prepare accordingly.
No matter the city or community in the crosshairs, it has become evident that they are targeted because of their vast collections of sensitive data. During a breach, adversaries may be able to access and alter everything from traffic lights and 9-1-1 systems to official document records, citizens’ social security and tax information. The sensitive nature of this data, and the fact that emergency systems could be affected, can lead bad actors to feel emboldened to demand higher ransoms in exchange for returning systems to business-as-usual.
From this, we can see that now more than ever cyber insurance is a necessity for all public entities. As this demand grows, so too does the need for agents and brokers to understand the corresponding insurance solutions, along with the best preventive measures public entities should employ.
In client conversations, agents and brokers can suggest these five mitigation opportunities and insurance offerings, which, when used together, can help better protect public entities against their increasing cyber risk:
1) Employees Are Your First Line of Defense
Bad actors often exploit public entities via phishing emails, which then allows them to deploy ransomware onto the networks of municipalities—holding their data hostage and effectively bringing their entire system to a halt. These attacks are often triggered by an employee unknowingly opening a malicious email on a computer that is not properly protected.
Human error tops the list of vulnerabilities for public entities, which means employee education is critical. Employees should be well-versed in phishing attempts, understand how to recognize potentially malicious content—such as the inclusion of suspicious links, emails sent at an unusual time, misspelled words or an unrecognized sender—and know who to contact if they suspect something is amiss. Educating employees to be the first line of defense against these attacks is an important step for public entities.
2) Security Software Adds Another Much-Needed Layer of Protection
In addition to properly educating employees, it is also important to ensure that all devices within a network are equipped to protect against cyberattacks. Public entities are often less likely to have cybersecurity software installed on their network devices than other business industries, making them an easier target for cybercriminals.
By installing proper security software on network devices, public entities are able to add an additional layer of protection against potential attacks. For example, email security software can help to block malicious emails at the perimeter, offering another line of defense against the possibility of an employee’s innocent mistake.
3) Keeping Your System Up-To-Date and Patching the Weak Links
In order for security software to effectively protect a network, it is also important to regularly assess what other vulnerabilities exist. As a network grows out of date—both in terms of assessments and repairs—exposures increase exponentially.
Regularly upgrading equipment and repairing, also known as “patching,” any vulnerabilities that may exist within a system allows security software to perform to the best of its abilities and protect against ever-evolving cyber threats.
4) Regularly Backing-Up Your Data
In addition to pre-breach mitigation tactics, it is also important to be as prepared as possible in the event a cyber incident does occur. Once a device is infected with ransomware, the malicious code can infiltrate an entire network of devices. This could allow hackers to lock out more and more data files until the larger ransom is paid, or they may choose to destroy all records instantaneously. Both situations could permanently cripple city systems, if they do not have the proper protections in place.
Regular backups of all data, files and information is therefore critical. Backups should be scheduled regularly and stored offline in a separate secure location, such as an external drive, to prevent the backups themselves from being corrupted during a breach. Backups should also be tested from time-to-time to ensure they are usable.
5) Going Beyond Cyber Insurance
In many cases, an insurer can connect public entity clients with cybersecurity service offerings specifically designed for their needs, which can offer municipalities additional ways to help prevent ransomware attacks.
While no prevention tactic is perfect, a comprehensive cyber insurance policy, in addition to these preventative steps, can help offer public entities peace of mind.
With both the frequency and cost of cyberattacks on the rise, public entities can now face six- and seven-figure ransoms. Since public entities have a duty to serve the people, there is often a higher incentive to pay a ransom and resolve a situation as quickly as possible, despite these skyrocketing costs.
As a result, it can often be hard for a public entity to know what the right move is—should they pay the ransom, or wait it out? In addition to considering their duty to citizens, public entities must take into consideration the potential financial loss, employee safety and the reputational harm that can result from a cyber incident.
By understanding the full gambit of a public entity’s risks, you as the advisor can help to guide your clients towards the best possible solution and ensure they are prepared for any situation.
Russ Cohen is Chubb vice president of Cyber Services, managing all policyholder services associated with the company’s pre- and post-incident cyber services, as well as supporting innovations in underwriting, data analytics, and predictive modeling associated with enterprise cyber security risks.