It’s unnerving to think that by 2021 global cybercrime is predicted to reach $6 trillion annually. If your business relies on internet access, email communication, accepts credit card payments, collects customer information, or stores employee data, your business is at risk.

A threat is any potential danger to information or systems. Threats could be an intruder accessing the network through a port on the firewall, a process accessing data in a way that violates the security policy, a tornado wiping out a facility, or an employee making an unintentional mistake that could expose confidential information or destroy a file’s integrity.

Threats must be identified, classified by category, and evaluated to calculate their damage potential to your business. Below are potential threats your business might face along with what might happen if there is an attack:

Technical Threats

  • Hacking - Hacking is now a multi-billion dollar industry for cyber criminals and provides opportunities for threat actors to extract data for political and monetary gains.
  • Cracking - Reverse engineering of software, passwords or encryption could lead to unauthorized access to sensitive information.
  • Malware - Malware disrupts computer operations, gathers sensitive information, or gains access to a computer system to compromise data and information. Examples include viruses, worms, spyware, keyloggers, and backdoors.
  • Misuse - Employees may take advantage of entrusted resources or privileges for a malicious or unintended purpose. Included in this category are administrative abuse, policy violations, and use of non-approved assets. These actions can be either malicious or non-malicious in nature.
  • Errors - Errors such as system misconfigurations or programming errors can cause unauthorized access by cyber criminals. Examples include SQL injection and XSS Scripting.
  • Data Leakage - Unauthorized electronic or physical transmission of data or information from within an organization to an external destination or recipient could leave data in the wrong hands.
  • Cloud Computing - Storing unencrypted sensitive data with lax access controls leaves data stored in the cloud vulnerable to improper disclosure.
  • Mobile Devices - Mobile devices carrying sensitive data can be lost or stolen, possibly causing data to fall into the wrong hands.
  • Availability Attacks - Cyber-attacks can be structured to extort or damage organizations whose websites or online assets are a major source of revenue.
  • Advanced Persistent Threats (APT) - Hackers will attack computer systems while avoiding detection and harvesting valuable information over the long term.
  • Third-Parties / Service Providers - Third-parties’ networks may be used by other external threat actors as an initial access point into an organization’s network.

Non-Technical Threats

  • Physical - Theft, tampering, snooping, sabotage, vandalism, local device access, and assault can lead to a loss of data or information.
  • Environmental - Natural events such as earthquakes, power loss, fires, and floods pose hazards to the infrastructure in which assets are located.
  • Insider Threat - Employees, contractors, or partners can commit fraud, espionage or theft of intellectual property.
  • Social Media - Employees often fall victim to scams or reveal information not intended for public knowledge.
  • Dumpster Diving - Improper disposal of sensitive data could lead to improper disclosures and sensitive information just sitting in trash bins.
  • Social Engineering - Attackers rely heavily on human interaction to gain access to company networks or systems, usually tricking users into breaking normal security procedures and revealing their account credentials.

Cybercrime is the greatest threat to every company in the world and the losses faced can be astronomical and crippling to operations. Luckily, Rockford Mutual automatically includes state-of-the-art CyberWay coverage on all of our businessowners policies! Ask your local agent for more information today!

*Checklist of common cybercrime threats obtained from our Cyber Liability partner, NAS Insurance.

Amy Ingram
Social Media & Communications Coordinator
Amy joined Rockford Mutual in January of 2017 with an Associates Degree in Marketing. Amy has a great understanding of insurance in general as she is currently working towards an Associate in General Insurance designation.