To be cybersecure, let's use cyber-intelligence and cybersecurity.

A cyber risk is any threat to our computer system that may have negative consequences for our company. The loss or theft of data, viruses or the manipulation of information may be the most common.

In recent times, the amount of news related to cyber risks has grown exponentially, the world has globalized and threats as well. The only way to guarantee that a business is not exposed to these cyber threats would be to completely avoid the use of the internet, which is unthinkable today.

Therefore, in the face of a scenario like this and to avoid cyberattacks, no company could completely isolate itself from online communications and transactions, so they must have tools that help them prevent these attacks and that are also in accordance with the new legislation on data protection.

According to a study by The Ponemon Institute In 2017 to small and medium-sized businesses in the United States, more than 61% had experienced a data breach, an increase of 55% from 2016. Another worrying statistic that the study throws up is that 60% of small businesses that suffer a cyber attack closes their businesses after 6 months due to the economic impact it represents.

This context of concern about cyber risks is not alien to insurance brokers, who, when handling large databases with sensitive information about their clients, are at all times at risk if they are not adequately protected.

The first step in the broker's cybersecurity strategy may involve the choice of technological tools that guarantee peace of mind and legal compliance. One preventive measure is the use of business applications and infrastructure in the cloud (cloud computing), which significantly reduce cyber risks by being normally behind the security systems of highly qualified providers in the matter and which at the same time allow you to carry out the daily management of your business and clients safely. It will be a "cyber-smart" election.

Data encryption

But, for the insurance broker as an entrepreneur, is the implementation of a cybersecurity strategy necessary? flatly yes. A strategy that, in addition to offering you peace of mind, complies with the legal requirement of the new General Data Protection Regulation (RGPD) that regulates the handling of your customers' information and that will significantly affect, as in other sectors, the operation of the insurance broker.

The new GDPR, in addition to requiring the hardening of access and user control and consent and evidence as two of the three most important adaptations, this also includes in its article 32, referring to security in the processing of personal data, the requirement to apply Appropriate technical and organizational measures to ensure an adequate level of security, including, among others, the encryption of personal data.

This encryption through the encryption of the information contained in the broker's databases should protect the hosting systems and their backup copies as well as safeguard the exchange of information, documents and access. Therefore, this update to the new regulation regarding measures for data encryption places an emphasis on both static and stored information and information in transit.

On the other hand, and as part of the strategy, the business broker must protect itself and hire a cyber insurance according to the needs of its business and that is oriented to the direct management of cybersecurity incidents. In the same way, you can extend it to your clients who are also not immune to a cyber attack on their respective businesses and will need an insurance product to protect themselves. This measure will help mitigate the impact of a cyber attack and the consequent financial loss of your business, which in turn prevents you from carrying out your business in a normal way.

Nuria Alfaro
Commercial, Marketing and Communication Manager

Download full article

Share