More Cyber Threats, More Awareness   
The pandemic has changed how we live—the way we work, interact, shop, and spend our free time—by moving as much of that activity online as possible. The cyber risks presented by these changes aren’t new, but their necessary solutions will take a significant amount of effort and careful consideration.  Philomena Comerford, President & CEO of Baird MacGregor, has shared her expertise on cyber threats in a 
previous issue of TOB
, but the current situation has presented a new set of challenges and opportunities.   “If anyone doubted that insurance was an essential service or feared that brokers would be digitized out of existence: not true. All of us are pretty much working around the clock. It’s unbelievable how much we’re needed right now.” 
Increased Cyber Threat 
Since the start of the pandemic there has been a noticeable increase in cyber events and claims. Some of that activity can be attributed to cyber criminals purposefully taking advantage of the current crisis using techniques we’ve seen before, including phishing scams.  “Everybody’s hungry for information about the coronavirus and all of these criminals know that. They’re trying to draw people in either to hawk fake products or get them to go on what appear to be legitimate sites, mimicking for example John Hopkin’s University and then unleashing malware.  “Since everyone’s working from home now, new conversations need to take place with our clients about the fact they’re more vulnerable than ever.” 
Hidden Risks 
In the rush to get running quickly, some businesses have overlooked cyber security best practices, which has introduced new technical risks. Some people are using personal devices and many remote set-ups are running off a patchwork of systems that each come with their own set of vulnerabilities.    While technological risks are serious, human risks have been driving a lot of the recent increase in cyber events. Prior to the pandemic, many cyber incidents involved  some form of deception and that has only increased. People are working in a new way, from a different location, possibly with a different device and their lack of familiarity with the situation makes them more susceptible to threat. In this environment of uncertainty, deception raises fewer flags.   “We had to deploy devices to staff that hadn’t traditionally worked from home, so they’re getting used to new procedures. We had to focus on being safe ourselves.   “I do want to give a shout out to all the IT people. By allowing people to work from home, the IT community has prevented the spread of the pandemic. They should be counted among the heroes of this pandemic.” 

New conversations need to take place with our clients about the fact they’re more vulnerable than ever.
What the Pandemic has Taught Us 
Having plans in place is important, but it’s crucial for businesses to develop a culture of cyber security, because it’s difficult to prepare for every contingency and it only takes one weak link to expose a business to a cyber threat.   “We’re deploying online cyber training for our staff. And we’re going to retest them every six months to keep awareness up. It’s like the message wash your hands, wash your hands,  well we’re doing the same with cyber  hygiene.” 
The Future of Cyber Insurance 
This incident has underscored the need for cyber insurance at all levels as people realize how much they depend on their IT systems.  This is no longer just a concern of large corporations, it’s especially true of small and medium businesses since they likely have far less cyber security in place.  “We’re warning our clients and continuing to talk about cyber being part of their insurance lineup. With the increase in electronic communication and ecommerce, it’s only a matter of time until banks start demanding cyber insurance be part of the lineup of coverages they’re looking for before entering into any loans or lines of credit.”  As much as cyber insurance is becoming a necessity for brokers’ clients, that’s even more true for brokers themselves. Getting hacked during this pandemic would create the perfect storm for Principal Brokers who are already grappling with the challenges of supervising a remote workforce. Maintaining a properly secured network in the current telecommuting work environment adds to brokers’ business continuity challenges.   Under RIBO regulations, brokers are required to protect their clients’ privacy and must comply with federal mandatory breach notification law. It’s in brokers’ best interest  to meticulously maintain email contact information for every client and know which clients prefer phone or mail contact. By doing so, they’ll be positioned to efficiently fulfill their breach notification responsibilities if client information is accessed by a hacker. Brokers who carry cyber insurance can turn to their insurer partner for help in the wake of a breach.   “I think they should be making cyber mandatory for insurance brokers because of the amount of personally identifiable information we have—it’s immense. Brokers  should  know that if RIBO knocks on your door for an audit, they’re going to ask about your cyber hygiene. To not have cyber insurance right now is like walking outside with no clothes on.” 
With Philomena Comerford, President & CEO, Baird MacGregor Insurance Brokers LP 
SHAREemail sharing iconLinkedin sharing iconFacebook sharing iconTwitter sharing icon
Menu icon
Insurance Brokers Association of Ontario
1 Eglinton Avenue East, Suite 700
Toronto, ON M4P 3A1
416.488.7422 | 800.268.8845
Follow Us
Copyright © 2020 by Insurance Brokers Association of Ontario. All rights reserved. The contents of this publication may not be reproduced in whole or in part without prior written permission.