One COVID cyber threat you may not have considered

Cyber exposure for your clients has shifted from the obvious operational standpoint of remote working during the COVID-19 pandemic to a data retention standpoint, a Gallagher executive said recently.

“Many organizations are collecting personal health information on employees, maybe on customers [or] on guests, that perhaps they weren’t collecting in the past,” Brian Dagg, account executive, commercial insurance, with Gallagher said of companies that remained open during the pandemic. “It was never considered necessary or useful.”

Companies – including those in the Canadian insurance industry – could be collecting this data for things like contact tracing, temperature checks, or to prevent COVID exposure in the office environment. “Or there could be other forms of sensitive information that, again, wasn’t really considered useful even six months ago,” Dagg said during The Other Type of Virus You Should Be Worried About, a Gallagher Talks webinar held last week.

iStock.com/loops7

Dagg said it’s vital for the cybersecurity hygiene exercise to make a complete shift from the usual office environment into the home environment. Questions to ask regarding data retention in the “new normal” include:

• How is this information being protected?
• Have we changed our data retention or data destruction policies to adhere to the health information that we may be maintaining (and that we weren’t maintaining before)?
• How long is a reasonable time to maintain and safeguard this data?
• How is the information being disposed of when we don’t need it any longer?

Overall, Canada has seen a very large increase in cyber events in general, and ransomware specifically, Dagg said, adding that ransomware events growing in significance. There has been a trend for more threat actors to offer encryption tools to unlock data and to threaten to release data on the public-facing internet or dark web if demands are not paid.

Dagg’s comments were in response to a question about what impact COVID has had on these trends, and how has cyber exposure shifted in light of the pandemic.

“Early on in the COVID era of 2020, the Canadian Centre for Cyber Security documented [that] there were significant increases in reports of cybercriminals using coronavirus or COVID-related phishing campaigns and malware to try and entice users to click various links,” Dagg said. “We’ve seen this continue through Q2 and into Q3, with a certain uptick in claims activity from a social engineering or a business email compromise standpoint.”

Dagg also discussed the hardening market conditions and how that affects cyber in Canada. Globally, the sector is “starting to see inclinations of hardening in the cyber market, with carriers looking for rate in certain sectors of business,” he said. “More specifically, this is due to the very large losses being suffered on the global spectrum, but also the slower infiltration of these larger losses on our own borders in Canada.” He added that the market hardening in cyber is certainly not to the same extent as in property/liability lines and in D&O markets.

“How insurers handle ransomware in Canada, given the trends we are seeing, will be interesting to brokers and policyholders alike,” Dagg said, pointing to possibilities such as elevated retentions or co-pay requirements surrounding ransomware payments.

“I don’t know if it’s an immediate concern for us in Canada,” he said. “We will be keeping a close eye on it, especially as it evolves in other jurisdictions around the world where we tend to follow form from a rate standpoint or market standpoint.

“We’ll keep a close eye on the sustainability of these current rates, the profitability of insurers in this space as a result of these large ransomware payments, and the resultant business interruption they are paying as a result. This is ultimately what’s going to drive market appetite and these hardening conditions.”

Feature image via iStock.com/Creative Credit