Terrorism: What can you do?

In light of continued terrorist attacks and subsequent changes to the UK Government’s threat levels, businesses and individuals are urged to be extra vigilant.

The National Counter Terrorism Security Office (NaCTSO) has issued a National Stakeholders Menu of Tactical Options in response to this raised threat level. It is recommended that all businesses/partners read and consider these. NaCTSO are not at this time recommending any specific changes to how you operate, but recommend that you consider increasing and/or reviewing the following:

  • Security presence
  • Staff vigilance
  • Partnership working
  • CCTV

Whilst these measures are quickly achievable, by far the greatest asset and tactic you have is engaging staff who deliver a high quality of service – by speaking to visitors to your buildings and challenging those displaying unusual behaviour.

You should also review your building and business continuity plans in the light of this attack, ensure that first aid points are fully stocked, and make sure that the location of key equipment is made clear to all staff. We also recommend that employees are directed to the Citizen Aid app and Run, Hide, Tell on YouTube.

The NaCTSO recognise that many businesses will have innovative ways of managing protective security. They ask that, where you think you have a tactic or operating model that another similar organisation could use to good effect, you share it with the NaCTSO so they can, in turn, share it with others.

A final point to note: all terrorists use hostile reconnaissance in attack planning, and we are reminded by the NaCTSO of the need to train staff and remind everyone of the vital role they play in recognising hostile reconnaissance. If in doubt, call the anti-terrorist hotline on 0800 789 321 or, in an emergency, 999.

Useful Links

The following links provide additional useful information that may assist when deploying the tactical options:

https://www.cpni.gov.uk

https://www.gov.uk/government/publications/stay-safe-film

https://www.gov.uk/nactso

https://www.mi5.gov.uk

If you have any concerns or queries regarding your security arrangements, please contact your usual broking team or Gary Foggo (Health & Safety Consultant, TL Dallas) on 07920 862983 or email gary.foggo@tldallas.com.

Terrorism Insurance:

The nature of terror attacks is changing, and so are the types of insurance available. You may well suffer a loss of business following terror attacks even if the attack does not directly affect your premises, and there are types of cover, such as ‘Active Assailant, loss of attraction & threat’, that would cover you in these instances.

For more information please contact your TL Dallas broker or email michelle.clewley@tldallas.com.

Cyber Crime

As cyber attacks continue to rise and in the wake of the recent NHS cyber breach, UK-based businesses of all sizes are being urged to protect themselves against online crime. Recent government statistics showed nearly half of all UK businesses suffered a cyber breach or attack in the past year.

A recent survey* reveals nearly seven out of ten large businesses identified a breach or attack, with the average cost to large businesses of all breaches over the survey period in 2016 being £20,000 and in some individual cases reaching millions.

The survey also shows that personal data is still a lure for criminals, with businesses holding electronic personal data on customers much more likely to suffer cyber breaches than those that don’t (51 per cent compared to 37 per cent). The most common attacks detected were via ‘phishing’ (fraudulent emails).

Almost all businesses rely on information technology (IT) infrastructure to transmit and store data, including employee and customer records, company business records, e-mail and telephone services, the company website and online sales.

So, what is Phishing?

Phishing is a form of social engineering that uses email or malicious websites to solicit personal information from an individual or company by posing as a trustworthy organisation or entity. These kinds of attacks often arrive via email and appear to be from an institution or company that the individual does business with, for example a bank or a web service the individual may have an account with.

The goal of a phishing attempt is to trick the recipient into providing login credentials or other sensitive information. For instance, a phishing email appearing to come from a bank may warn the recipient that their account information has been compromised, directing the individual to a website where their username and/or password can be reset. This website will also be fraudulent: it is designed to look legitimate, but exists solely to collect login information from phishing victims.

These fraudulent websites may also contain malicious code which executes on the user’s local machine when a link is clicked from a phishing email to open the website.

How to identify Phishing attacks

As noted above, phishing is most often initiated via email, but there are ways to distinguish suspicious emails from legitimate ones. Training employees on how to recognise these malicious emails is a must for enterprises who wish to prevent sensitive data loss.

In many cases, these data leaks occur because employees were not armed with the knowledge they need to help protect critical company data. The following may be indicators that an email is a phishing attempt rather than an authentic communication from the company it appears to be from.

  • Emails with generic greetings
  • Emails requesting personal information
  • Emails requesting an urgent response
  • Emails with spoofed links

When in doubt, contact the company in question to find out if the email is legitimate. If it is not, the company is now aware and can take action to warn others of potential phishing attempts appearing to come from their company.
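The four indicators listed above can also be checked mechanically as a first-pass filter before a person reviews a reported message. The following is an added example, not part of the original article or any NaCTSO or TL Dallas material; the phrase patterns, function names and sample messages are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse
# Illustrative patterns (assumptions for this example, not an exhaustive rule set).
GENERIC_GREETING = re.compile(r"\bdear\s+(customer|user|client|member|sir|madam)\b", re.I)
PERSONAL_INFO = re.compile(r"\b(password|username|pin|account number|card number)\b", re.I)
URGENCY = re.compile(r"\b(urgent(ly)?|immediately|suspended|final notice)\b", re.I)
DOMAIN_IN_TEXT = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

class LinkCollector(HTMLParser):  # gathers visible text and (href, link text) pairs
    def __init__(self):
        super().__init__()
        self.text, self.links, self._href, self._label = [], [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._label = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._label.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._label).strip()))
            self._href = None

def host_of(value):  # lower-cased hostname of a URL or bare domain, minus "www."
    host = urlparse(value if "//" in value else "//" + value).hostname or ""
    return host[4:] if host.startswith("www.") else host

def phishing_indicators(html_body):
    """Return which of the four indicators listed above appear in an HTML email body."""
    page = LinkCollector()
    page.feed(html_body)
    text = " ".join(" ".join(page.text).split())
    found = [name for name, rx in (("generic greeting", GENERIC_GREETING),
                                   ("requests personal information", PERSONAL_INFO),
                                   ("urgent response", URGENCY)) if rx.search(text)]
    for href, label in page.links:
        shown = DOMAIN_IN_TEXT.search(label)
        if shown:  # link text displays a domain: compare it with the real target
            shown_host, real_host = host_of(shown.group(1)), host_of(href)
            if real_host != shown_host and not real_host.endswith("." + shown_host):
                found.append(f"spoofed link: shows {shown_host}, goes to {real_host}")
    return found

# Constructed sample messages (not real emails; .example is a reserved test domain).
SAMPLE_PHISH = ('<p>Dear Customer,</p><p>Your account is suspended. Confirm your password immediately at '
                '<a href="http://bank.example.verify-login.example/reset">www.bank.example</a>.</p>')
SAMPLE_LEGIT = '<p>Hello Priya,</p><p>Your statement is ready: <a href="https://secure.bank.example/s">bank.example/s</a></p>'
```

A message that trips none of these checks is not thereby proven genuine; the advice to contact the company directly still applies.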

Therefore, companies are exposed to risks which could disrupt business and potentially incur huge unexpected costs. It could also lead to loss of income and possibly reputational damage if companies are unable to trade. In addition, private information held on your employees and customers could be lost, damaged or stolen.

What can you do to protect your business?

TL Dallas has access to a number of insurers offering Cyber Liability Insurance to help limit the impact of any breach. We have detailed below how such a policy would work and the processes that would be put in place should a breach occur.

The policy is triggered either by:

  • Loss or suspected loss of non-public data. This could be as a result of misplaced/lost/stolen files or electronic devices used to store, process or transmit data, e.g. a laptop, or a malicious act that erases, alters or destroys data, whether caused from within or outside your organisation
  • Breach of privacy legislation, e.g. Data Protection Act 1998, or other similar privacy laws elsewhere in the world, or
  • The negligent or inadvertent transmission of Malware (any code to erase, deny access to, corrupt, damage, disrupt any network or system or circumvent network security) to a third party
  • Unauthorised Access – meaning access to, and use of your computer system or network infrastructure by any person not authorised to do so, including your employees

A breach could have a major impact on your company. Policies are therefore designed to support you throughout the process with an aim to get your business back up and running as quickly as possible. Typically, you would have one point of contact throughout who would work with you, leading and managing the incident response, tailoring the recovery programme to your needs. The devil is in the detail. Key points to remember:

  • Cyber frauds are unlikely to be covered under fidelity wordings or under ‘crime’ extensions to management protection contracts
  • Cyber wordings on the cover are continually evolving – take care and read all the terms and conditions
  • Be cautious of ‘knowingly surrendered’ exclusions – these will really impact the cover where an insured has been duped
  • Be cautious of ‘social engineering’ exclusions or sub limits

Contact your TL Dallas broker for advice or speak to Mike Martin or Matt Smith on 01274 456500 or email mike.martin@tldallas.com or matt.smith@tldallas.com for further details.

*Source: The Cyber Security Breaches Survey 2017