When companies talk about “cyber insurance,” they’re actually referring to a large, growing breadth of coverage that includes several possible protections. One of the most popular subsections of cyber insurance concerns social engineering, a rapidly evolving threat for industries to recognize. While this term in and of itself might not be familiar, it pertains to some of the most frequently used forms of exploiting security holes.
A social engineering scheme happens when a criminal successfully convinces an employee to deliver money to them. Security firm Hillard Heintze says that there are 100,000 of these attacks happening daily, so businesses of all sizes need to be on their guard.
“What makes social engineering different is the amount of elaborate effort which goes into it.”
Elements of this attack are similar to the phishing methods which often infiltrate companies through email links. What makes this attack different is the amount of elaborate effort which goes into it, with the hacker impersonating a legitimate business to win their trust. This is why employee training is a valuable part of cyber insurance best practices, to ensure that businesses enforce the latest standards.
John Roberts, PayneWest Insurance Sales Executive/VP, described the nature of social engineering attacks and the way the insurance industry as a whole is changing.
“Policies are becoming more expansive (an example would be the inclusion of Social Engineering coverages) and the basic costs are decreasing due to the increased volume of insured’s now purchasing the coverage,” Roberts said. “The trend is similar to the Employment Practices Liability Insurance trend that started nearly 30 years ago.”
PayneWest clients get access to both our resources and the cyber risk management services of our partner WATSEC. With their help, businesses will see more of their systems analyzed for possible issues. Contact us for more information.