Are You Covered?
By Drew Ginn

“I thought it was you that was emailing me,” a controller at a local organization exclaimed to the CFO as it was confirmed that there had been over $70,000 wired to an unknown Wells Fargo bank account. Unbeknownst to the controller, this was a spoof attack — one of the many different types of cyberattacks.

The CFO had been out of town on vacation, and a hacker had obtained this information by monitoring online activity through various social media platforms. When the time was right, the hacker created a very similar looking email address with only one miniscule difference: It was completely unnoticeable to someone not looking for it. The email read, “I forgot to pay this bill before I left the office for vacation. Can you wire $10,000 to this account? Here’s the routing number.”

From an insurance perspective, we’re seeing attacks like this all over the marketplace today. The topic of cybersecurity has gained great momentum as we’ve seen in recent years due to well-known data breaches such as Equifax, Target and Delta Airlines. To take it a step further, as larger companies are beefing up their IT budgets to combat these types of attacks, hackers are moving to smaller and medium-sized companies because smaller organizations don’t have the financial means to support the infrastructure required to fend off these attacks.

What It Means to You

Recently, I had the opportunity to tour a local countertop fabricator. It was here that I developed a deeper understanding of the intricacies not only during the customer-buying process but also in the fabricating process as well. It is without a doubt that CNC machines play a vital role to the industry. In fact, they help eliminate the human error factor and decrease material waste.

As we evolve technologically, we continue to see more and more of our machines with networking capabilities. These capabilities, most of the time, allow us to monitor machine performance and progress remotely from our phones and computers.

Herein lies the risk factor. Taking an asset of such significance and exposing it to a network introduces a considerable amount of risk. You might be asking, “Why would someone want to hack into my machinery?” It’s another type of cyberattack called ransomware, and it’s currently the fastest growing cyber threat. Hackers can find a way into a company’s network and release a type of malicious attack that either locks the system up or encrypts files, which prohibits access into them unless, of course, a ransom of some dollar amount is paid.

Relating this back into the industry, what if this happened to your network? Your server would be locked down, communication between the laser templater and the CNC machines would be altered, improper or nonexistent, and production on the CNC would come to a stop which, in turn, would bring operations to a complete standstill.

Based on the scenario just mentioned, business would come to a screeching halt, and potentially there could be damage to machinery. There would also be lost production time, equating to lost revenue dollars. How will you recover, or better yet, how will you obtain those lost dollars?

The Solution

This scenario has happened to companies before. It can be detrimental and business altering in some cases. However, from a risk perspective, there are solutions. Affordable stand-alone cyber security policies exist that include coverage for all that’s been mentioned thus far, and even more. These include but are not limited to: loss or damage to personal electronic data, loss of business income, and reputational damage — just to highlight some of the major items.

This may never happen to you and your company, but by providing insight on many of the trends we are seeing in the insurance industry, you can get an idea of how these items could affect you, and shine some light on areas of vulnerability that could exist within your business.

A recent report estimates that cybercrime damages will cost the world $6 trillion on an annual basis by 2020. With that being said, take the necessary precautions to protect yourself and your business.

About the Author

Drew Ginn is an insurance consultant in Northwest Ohio at Andres O’Neil & Lowe, specializing in property, liability, errors and omissions, and cybersecurity insurance. He can be reached at (419) 636-5050 or drewg@ andresoneilandlowe.com. For more information about Andres O’Neil & Lowe, visit www.andresoneilandlowe.com.