Cyber-attacks are currently of heightened concern in the media and are widely being reported on due to ongoing major events. In fact, British companies were urged to strengthen their security by the National Cyber Security Centre (NCSC) over concerns from potential Russian cyber-attacks with the ongoing political crisis in Ukraine.
This naturally raises questions as to what risk we are exposed to from a personal and business perspective when it comes to malicious attempts to damage or disrupt devices or services.
Gordon McMillan, Specialist Dental Financial Adviser, asked Chris Cotterill, Commercial Client Account Manager at Wesleyan, the most asked questions in relation to cyber security and what the considerations are moving forwards.
GM: Is there a heightened risk for dentists due to current major events?
CC: To a certain extent, everyone is at risk. Viruses, hackers and trojans can take a life of their own and affect personal and business accounts, digital media and emails.
However, it has been widely reported that it is the critical national infrastructure that is the main focus currently, such as energy, water supply, transportation and telecommunications. The NHS has been included in guidance from the NCSC as part of this infrastructure. It has been targeted in the past, most notably in the global WannaCry ransomware attack in 2017.
It’s worth remembering that such attacks are a government issue and the bigger focus for small businesses such as dental practices should be on domestic attacks which affect all industries on a daily basis.
Another factor to remember is that insurance is not the solution to preventing cyber-attacks – it’s a financial safety net when cyber-attacks occur. To strengthen cyber security, you can follow advice from the NCSC.
GM: How can people protect themselves against cyber threats?
CC: Your staff are the first line of defence and regular training helps avoid complacency. On an individual level, you need to keep aware of your own digital interactions and follow official guidance to protect yourselves.
Another one to consider is cyber audits undertaken by ethical hackers, who may be able to identify weak spots in your security and provide extra training.
GM: What do people need to look out for in their cyber insurance policies?
CC: Domestic cyber-attacks are a growing threat in this digital age and can have far reaching consequences, particularly for business owners. As a holder of sensitive patient data there can be a lot at stake if you do have a breach in your practice. Cyber insurance aims to support you in the event of attacks, help you restore your systems and protect your reputation.
Keep an eye out for obscure exclusions in any policy you look to take out. Examples are exclusions such as operational error. The risk of a member of staff sending an email to the wrong person would be considered as part of this remit and is a possible risk to any business or person.
When it comes to political crisis, all insurance policies have some form of war exclusion. Whether it be a physical or digital threat, the resulting damage from such an event would affect many people and incur huge amounts of damages from a financial sense which cannot be quantified into a policy.
GM: Any final words of wisdom?
CC: The key takeaway in relation to cyber threat is similar to the dental mantra, ‘prevention is better than cure’. While insurance absolutely provides you with peace of mind that you could be covered should the worst happen, strengthening your cyber security should be a main priority when it comes to cyber threat.
GM: Thank you, Chris, for your insights and considerations.
Get further guidance on cyber prevention and the actions to take when the cyber threat is heightened.