Node Chats

Top Five Cyber Threats 2020

Where should you focus your cybersecurity efforts?

These top five threats are a good place to start:

Don’t let phishing scare you, this is an easily avoided cyber threat avoided by changing bad habits, learn more about it in our article here.

Ransomware worries? Discover personalised methods of attack to watch out for and everything else you need to know here.

Keep an eye out for the rest of our in-depth articles covering all five cyber threats individually.

Node Chats

Phishing, our biggest online threat to remote workers

Phishing is when you receive an email that tricks you into clicking on a link to a fraudulent website and then sharing private information, or opening a malicious attachment on your phone, tablet or computer.

If you trust the link you could be giving away your user names, passwords, Social Security numbers, bank details or installing malware, like viruses, spyware or ransomware on your device and at work you could be handing over access to your company and all their sensitive data.

Phishing is the top cybercrime in the US. In 2019, the FBI reported that it had claimed nearly 115,000 victims with victim losses at $57.8 million, an average of $507 per victim. 

Spotting the phishing attack

Don’t get complacent, the top branded security software (e.g. Norton, Bitdefender etc) are very good at taking out phishing emails before they hit your inbox. But, it’s a false sense of security as some still get through. In fact, in your personal life and as an employee, the next 100 emails you receive, possibly three or four will be phishing scam emails.

The most important golden rule. Change your mindset. Don’t trust emails and don’t click on a link in an email. I’m purposefully, stressing this as the golden rule, even though you think it to be too onerous and impractical. Nonetheless, for the next seven days examine every email (see tips below) and learn to change your mindset and start spotting phishing attempts. The extra time you spend on examining your inbox will build your confidence and you will feel much more confident about email management.

The only time you can trust an email is if it comes from an email address you recognise and the email doesn’t seem out of the ordinary. Even here, if it contains an attachment don’t click on it yet.

Make sure you double check the email address and not just the name. Give the sender a call if you are unsure. Malware is commonly passed between compromised emails accounts so even if the email address is correct that doesn’t mean someone else isn’t sending fraudulent emails from their account.

How to check for the signs of phishing. There are five signs:

  1. Poor grammar. As far as the US is concerned, most cyber criminals are based in overseas countries such as Russia, North Korea, Eastern Europe, China and Iran. For the majority, US English is a foreign language. They make spelling errors (although they have improved significantly in recent years) and make grammatical errors (much harder to improve upon). In fact, as you read the email you will make an on-the-spot judgement – this is well written, this is poorly written. If it is poorly written be wary.
  2. Suspicious logo. If the email is topped with the logo of a known trusted business or government department, then check it against the official website with a quick Google. False logos can have washed out colours, faded edges or imprecise proportions. In effect, it could be a poor copy and paste job. 
  3. Check the URL. Imagine you receive an email from NETFLIX containing a link. If you hover over the link (DON’T CLICK!) a small display will appear containing www.netflix.com plus suffices. You’ve validated the email that it is from NETFLIX. Job done. Imagine it reported www.netfilx.com or www.netflics.com then DO NOT click on the link. It’s false and belongs to a cybercriminal. In fact, any errors, whether spelling or design is a warning. Be super-cautious.
  4. Check the greeting. On my domestic accounts very rarely do I receive the greetings, ‘Dear customer’, ‘Dear subscriber’, ‘Dear friend’ or the more informal,’ Hi customer’, ‘Hi subscriber’. They say, ‘Dear Neil’ or ‘Hi Neil’. This is how customer-orientated domestic businesses tend to interact with their customers. Foreign cybercriminals make mistake ‘out-of-culture’ errors on greetings and/or sign offs. 
  5. Attachments. Legitimate companies don’t send attachments that you didn’t ask for and also would not request sensitive information via email.

If all are followed with the instruction to click on the link to learn more and/or correct the problem. Be super-cautious.

""/
Node Chats

Ransomware 101 – An evolving threat

What is ransomware?

Ransomware is a digital crime where your computer files are ‘stolen’ and encrypted, blocking you from your computer. To gain access to your files you usually have to pay a ransom, normally in bitcoin. 

It takes an average of 3 seconds after clicking an infected link for ransomware to start encrypting your files at lightning speed according to Arctic Wolf Networks.

There are three steps:

  1. You receive a phishing email containing the ransomware link.
  2. The victim clicks on an infected link, the ransomware is delivered and starts encrypting files. 
  3. A screenshot will then appear on your screen announcing the ransomware infection, how much the ransom is and how it’s to be delivered to the criminal.

Whatever, the screenshot wording says, the message is GOTCHA!

Who are the victims?

Ransomware is an international phenomenon. Although the majority of cases are heavily focused in the US.

53% of Ransomware detections came from the US in June 2018 – 2019

Canada receives 10% and the UK 9% following the trend of targeting English speaking countries according to Malwarebytes’ global detection statistics.

46% of SMBs have been targeted by ransomware, 73% have paid the ransom.

Shocking figures from Infrascale, highlighting that smaller sized businesses are certainly not targeted less because of their size.

The History of Ransomware

Ransomware has changed its nature in the last few years. About ten years ago, ransomware was a simple scam based on fake antivirus apps leading to a payment to ‘fix’ the problem. 

Then, the fashion changed to ‘blockers’ or ‘lockers’ that locked the user out of their computers asking for payment to be unlocked. 

Now, the fashion is for ‘crypto-ransomware’ that not only locks you out of your files but also encrypts your files. You will likely have to pay a ‘ransom’ in bitcoins to get your files back.

Bitcoin has significantly increased the success and profitability of ransomware of criminals. By using a bitcoin ‘wallet’ for each attack, then moving these wallets through chains of wallets, the movement of money is outside the traditional financial system and anonymous.

Crypto-ransomware

Crypto-ransomware is very effective. It generally uses unbreakable encryption and if the user has no file backups then the only solution may be to pay the ransom. 

Even if you pay you may not get your files back – don’t forget you are dealing with anonymous criminals!

The near-majority of people pay the ransom. However, a significant minority of payers do not get their files restored or the restoration instructions are not complete or do not work.

The cost is also rising dramatically according to the Coveware Q2 Ransomware Marketplace Report and this trend is what we expect to continue seeing.

The average ransom payment increased by 184% from Q1 to Q2 this year, nearly tripling the cost from $12,762 to $36,295

How are ransomware attacks delivered?

Spam campaigns hit millions of users daily. Just 0.001% of these spams finding a victim still means high profits to the criminals.

A click-rate of only 0.001% (and lower) is still very profitable to the criminal – they sent out 10m spam emails. At 0.001% click-through rate, that’s over $100,000 of ransom returns!

The most common way of infection is by a person(s) simply clicking on a link in a botnet-delivered email. Some of these emails will be categorised as spam and others deleted by the recipient, however, the criminal plans on these deletions. 

Ransomware criminals are now becoming more expert, innovative and audacious with their tactics.

They are finding ways to stay out of the spam folder to increase their click rate by creating more believable personalised campaigns with a higher ransom cost.

Personalised methods of attack to watch out for

1.) Social media

The newer trend is to ‘personalise’ the email using data from social media sites. The criminal collects data from sites like Facebook or LinkedIn and searches for potential candidates. 

Or, they may buy or hire email lists of individuals in a certain target industry and/or profession. Sure, the criminal is spending time and money but they will get a higher click-through rate.

On a much-reduced spam email volume, they might net $250,000 or more.

2.) Impersonation of the government or a business

Further variations are emails from well-known organizations such as a delivery note from UPS, an alert from the IRS (Internal Revenue Service), a family post on social media and so on. 

3.) Downloads

These infections depend on spam emails getting through. A more reliable method for criminals is to get the recipient to download an infected work-relevant file containing a macro, which in turn delivers the ransomware. 

Within the download is a macro that may initiate the ransomware at a later date.

As the criminals say ‘‘job done’’, and then they wait to receive their $250,000 returns. 

4.) Exploit kits

Another mechanism, now becoming more common, is the trend of ‘exploit kits’. Typically, these are fake notifications to update a piece of software from a reputable software supplier, such as JavaScript or Adobe Flash. 

Although seemingly reliable as a source, the download leads to the ransomware being installed. 

5.) Iframes

Further variations are ‘iframes’ installed on web servers and the web pages on the server. The ’iframe’ directs website visitors to the exploit server, which downloads the ransomware. Variations are particularly harmful. For example, an advert placed on a popular website is an advert that directs to the exploit kit. 

Summary

Simply put, it’s based on one inadvertent and simple action. Someone clicks on an infected link on an email and/or website – stop this and you stop ransomware.

We understand that it’s not always that clear cut which is why we provide educational materials to our insureds and educational content to our followers in the hope that we can contribute to the creation of a cyber-risk aware world.

Node Chats

Node Chats – Are you weakest or strongest link?

We’re back with another episode of Node Chats, your podcast for all things cybersecurity.

Neil Gurnhill talks to Gabriel Friedlander, Founder of Wizer, about citizen cyber training in the second episode of Node Chats.

We cover remote job scams, how to teach your children to stay safe online and much more.

“You really have to educate people if you want to have a chance in fighting cyber crime.”

Gabriel Friedlander, Founder of Wizer

Wizer is a full security awareness platform with 1-minute videos, phishing simulation and gamification. Offering both free and optional paid add-ons for the community and employees alike.

Here are some quick tips on how to be cyber smart:

  • Use antivirus software.
  • Update your devices when needed.
  • Start questioning links, never click on a link you don’t trust.
  • Always use strong passwords— characters, numbers and letters.
  • Be careful what personal information you share, particularly on social media.
  • Teach children not to post or share personal information such as their photograph, address or age.

If you prefer just audio, make sure to check us out on other platforms:

Hit the follow button to be the first to know about the latest cybersecurity news.

If you’d still like to know more, comment or drop us a message, we’d love to hear what you think.

Node Chats

Cyberman365 is live!

We are very excited to be welcoming our first clients onto Cyberman365!

We strongly believe everyone should have the opportunity to improve and secure their digital wellbeing, and now you can!

Cyberman365 IDNotify – What is it?!

PROTECT your identity and so much more with our comprehensive monitoring of your personal data, whether financial, medical or social.

ALERT receive instant alerts via text or email if your data is used fraudulently.

RESOLVE with our ID Restoration and Insurance coverage when you need it most.

Some of our favourite features:
– Lost Wallet Protection
– Social Media Monitoring
– Dark Web Monitoring

Cyberman365 HomeSafe – What is it?!

PROTECT – Our system will simulate possible cyber attacks allowing us to uncover vulnerable access points for the connected devices in your home. HomeSafe monitors 24/7 for potential cyber threats.

ALERT – We will provide step by step instructions for you to improve your home network to further reduce your chances of a cyber incident.

RESOLVE – In the event of a security incident an expert human response team is on hand to take over the network and stop the attack. If damaged, HomeSafe will restore your device, network and data.

Our favourite feature has got to be how it finds vulnerable access points and tells you how to fix them at home! No additional costs or experts needed.

After months of hard work, we can’t wait to hear what you think about our service and hope you love it as much as we do.

Check out our brand new website: www.cyberman365.com
If you have any questions, drop us a message.

Node Chats

Node Chat Podcast Launches!

We are proud to announce the launch of Node Chats, your podcast for all things cybersecurity.

Neil Gurnhill kicks us off with a hot topic, inviting David Kruse, Director of Business Development at Tetra Defense, to discuss the evolving nature of ransomware.

Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.

A new organisation will fall victim to ransomware every 14 seconds in 2019, and every 11 seconds by 2021. (Source: Cyber Security Ventures)

This is a current, very real issue that affects large companies, small business and the everyday person.

Learn how to spot early signs that ransomware is on your network before encryption.

David talks about the factors that can influence early detection such as the level of information security systems that your company has in place to flag the invasion and the quality and skill of the person who compromised that network.

If you have a hacker that’s just a bull in a china shop and hasn’t quite figured out how to be more stealthy, you’ll see indicators of compromise all over the place.

David Kruse, Director of Business Development at Tetra Defense

Listen to the podcast for answers on everything ransomware, drop us a comment if you have any more questions and we’ll be happy to get back to you.

Don’t forget to subscribe to Node Chats and be the first to know about the latest cybersecurity news.

Find us on:

Tech

Business Activity Risk Profiling vs Scaremongering Will Increase Your Cyber Insurance uptake

The key to engaging with a potential client to discuss and provide cyber-risk insurance is to approach the discussions from their real business activities’ needs rather than any generalised knowledge they have gleaned from recent cyber-security threats or events reported in the national broadcast and newspaper media.

For example, most retail brokers engage too early in conversations about ‘hacking’, ‘denial of service’, ‘phishing’ and ‘social engineering’ and such like. As important as these topics are, it can often lead to a conclusion that the potential client has not been directly affected by these matters to date, therefore, they don’t need cover. Don’t forget the basic premise of insurance – it provides security for the future!

Our extensive experience at Node International, particularly in the USA and Europe, clearly tells us that the correct, and more successful, approach is to start with an evaluation of the potential client’s business activities.

For examples, each of these activities has a cyber-risk profile so even though the potential client has not dealt with (say) a denial of service attack, the fact that over 80% of their business depends upon an ecommerce website highlights the substantial cyber-risk. Or they are highly dependent on a supply chain and/or contractor, of which they know little about their cyber-risk policies, again highlighting their potential cyber-risk through the failures of others.

Taking this business activities profiling approach is a very logical systematic approach that engages the potential client. It is also quite simple to conduct. Start with a conversation about ‘mapping’ the high priority business activities and start introducing the question, ‘’What happens if…’’ Think of it as an ‘heat map’ of the business. When viewed overall, the client then sees the totality of cyber-risk they face. Then, the most effective cover can be assessed and priced accordingly.

It’s important not to think of early conversations as ‘selling cyber-insurance’ but providing an expert and value-added service to the clients. It is likely that they know very little about cyber-security and cyber-risk so building up the ‘heat map’ though sensible discussion helps the client. Nowadays, ‘helping the client to buy’ is far more effective than ‘selling’.

This is where Node International scores highly. As a wholesale broker and underwriter at Lloyds of London you can tap into our expertise and assistance. For example, by talking to one of our brokers before you go and see a client could help you tremendously. Even if you have never used Node International before, our brokers and underwriters are here to help you build your business.

Finally, lets step back a little. In the last two decades there has been a huge increase in businesses that are now dependent upon their technologies and digital capability. And, of course, the constant threat scenarios they face each day. From our experience, literally 99% of modern businesses (from small to large across all sectors) face at least one cyber-risk in their ‘heat map’. In effect, every business call you make is a potential satisfied client providing you approach it correctly and have a ‘value-added service’ at the forefront of your mind. As mentioned before, we can assist you with this essential skill.

Tech

WHY AREN’T MORE BUSINESSES BUYING CYBER INSURANCE & WE HAVE OUR FIRST GUEST | EPISODE #9

Why aren’t more businesses buying cyber insurance?

Today we have with us our first guest, Mr Mark Robinson, who is the managing director of Henderson Insurance Brokers and also a specialist in cyber insurance. Mark works in Leeds in Harrogate and we’ve worked together on projects for several years. What’s really useful is getting that retail perspective on how people are getting on with cyber, what people are facing and your experience of what people can do to sell more really. So I guess we’ve got some changes coming from the privacy framework that we all speak about and that will be a big driver towards the end of this year, as people begin to move towards getting ready for that. I guess what’s also interesting is what you’re doing with your clients in order to get that on their radar really.

Mark: I think one of the issues that you’ve touched on there is the lack of sales of cyber liability. The first thing we, as retail brokers, have an exposure to is the errors of omission. This is an issue whereby we don’t discuss the issue of cyber with our clients and therefore it’s not on their radar at all. In the event of a cyber breach or a data loss, the first person they point the finger to is there insurance broker and obviously if we have failed to mention it, there is an error of omission there. Or linked with that is if we miss sell a cyber insurance policy. So, if we don’t have a correct understanding of wording, in the terms of the cover and we miss sell it to them, well that can be almost as bad as not selling them a cyber policy at all.
So one of the things I’ve been tasked with across the Henderson Group is to develop a cyber strategy. The number one key point for us is education, and I think that’s true across the entire cyber security sector.

So what does that look like? Do you mean internally with your account holders or with your clients?

Mark-It’s across the board, so the first thing we’re looking to do is to educate within our business. So this is account handlers, our account executives that are going out to meet with the clients. I can say this because I used to be one, account executives are very structured in what they do. So, they will have or they will go into a client meeting that we know- and they’ll know how it’s going to run. Because we will have gone through it in our heads several times. Rightly or wrongly, there are two types of meeting an account executive goes to, a renewal meeting or a new business meeting. In a renewal meeting, you want to get in and out as fast as you can with renewal instructions and try to avoid any questions that’ll throw you off track! A new business meeting is to get in and out as fast as you can and to hopefully strike a new deal with the business. What we avoid, is any difficult questions that we don’t know the answer to…

Just before you go there, I think what you’re saying is, that it’s likely that the if the account executives feel comfortable about talking the digital risk and the various types of exposure, it won’t be missed.

Mark- Absolutely. So that’s where the education comes in, we need to make sure that our guys are educated enough to the extent where they can feel comfortable to go in and have that initial conversation about cyber insurance.

That’s where it starts that level of comfortability.

Mark-Absolutely. The issue is they’re frightened they’re going to be asked a question by the client and they don’t know the answer to that question and all of their credibility goes out of the window. So number one is the education piece, that’s a big part of it all. Once they understand the simple heads of cover and how it would be triggered that’s half the battle. Once our staff are educated, our staff can educate the clients. Another issue and again, an issue that is sector wide is the press reporting of UK cyber incidents. The UK press are getting better at reporting UK based cyber threats and breaches, but certainly you talk about two years ago, even just last year; if a client ever asked for an example of a claim, you ended up pointing them towards UBER’s claim or Playstation’s claim, or something that’s happened in the US. That’s fantastic and frightening, but does that really relate to a manufacturing firm, absolutely not.

I think that failure to resonate with the examples you’re giving to them, it doesn’t relate to them. As the consumer and purchaser, if they don’t feel that what you are offering them isn’t relevant to their business, you’re never going to sell it.

Mark- That’s it, it all comes down to the fact that as a sector, brokers and insurers as a sector aren’t making it easy for them to buy cyber insurance, because we aren’t making it very clear to them. We’re not making it clear to them what it is. It’s difficult to obtain, because of the amount of information that’s required…

Are you talking about the size of the application?

Mark-Yeah, exactly. We still for whatever reason, pigeonhole businesses. I.e. a technology business, manufacturing business. In all honesty is there such thing as a technology business anymore? A stand alone technology business, probably not. All businesses use technology now.

I think so, in some of the earlier videos, I’ve talked about businesses that have gone from non digital to digital enabled. I think you’re absolutely right, it’s very rare that businesses don’t do six or seven functions that have a digital risk attached to them and a cyber policy could help mitigate them against those activities. I think you’re absolutely right that the way that people are presenting the risk from a cyber liability approach, might be slightly misleading. It might be more effective for people watching this who are brokers, to perhaps look at profiling their activities. So looking at online banking, email, portable devices and helping account executives understand that, as opposed to going in with an eighteen page cyber application form and saying can you fill this out. Talking about cyber threats is a very ineffective way of selling the policy. If you’re talking about claims that aren’t relevant to them and talking about cyber liability threats that they don’t feel they have exposure to, you’re going to struggle to make a sale. Just going full circle in this, I guess what you’re trying to do at Henderson’s is to try to change the way your account handlers actually raise this issue. Through the educational activities that you’re doing, they’ll feel more comfortable in how to raise it and present it in a different way and the client has a better experience of learning about it.

Mark- It becomes an informed decision, rather than buying ‘this’ because it’s the new thing to buy.

You made a really good point that- So, I started in cyber and then transferred from technology to digital risk insurance about six years ago. Initially at that time, I was trying to sell policies, directly to the insured, it was insanely difficult because nothing was in the press. At the time, it was the FCA who were responsible with privacy and then the ICO formed. The Information Commission Office, you’re right, because you have to be registered with them and they do a lot about publication and notification, it really has gone from not being in the news to headline press. I think that’s really raised the awareness for the insured. They understand now that it’s a real threat. However, there still is that gap between value and what you’re putting onto the table. That’s got to be when the penny really drops.

We have got privacy law and regulatory framework coming out, which is going to make it more challenging and costly should a breach occur. I do really think there is a gap between the everyday business to which you would have thousands of within your organisation and the amount of people who buy cyber which is actually very small. You say the word ‘cyber’ to people and they believe that implies only if they rely very heavily on selling products online and if they’re not, then they don’t feel their digital risk exposure is a threat. One thing that we do a lot of here, is talk more about digital risk than we do cyber threats. I think that’s a really good tip to take away from this chat we’re having now. Try profiling your businesses and get your account executives to focus on the business’s individual threats.

Mark- I think the term cyber, as you mentioned, gets thrown around a lot, which puts a lot of people off when they don’t see themselves as a technology business. Generally, a cyber liability policy covers data, which extends to include paper records. Even so much as leaving a laptop on a train or in a taxi, or putting a file in the bin rather than confidential waste, is potentially a data breach.

Here’s the other massive point, most smaller and medium businesses, will outsource these responsibilities. They use third parties to hold that data or store on a cloud and often even for the shredding of business documentation. So the risk is usually out of their hands, but it’s still a very real risk and they will be responsible if something happens. I think you’re right, understanding that is really important.

Going back to what we were saying about profiling, we’ve seen such an increase in social engineering and I imagine that you don’t have many clients who don’t use online banking or are exposed to malware or ransomware. All of those things are covered by a digital risk insurance policy, but again people are shying away from it because they don’t understand that they are exposed. I think that’s really interesting piece where brokers can have more traction, by identifying, well do you have email? Yes? Then, these are the things you’re exposed to!

Tech

EPISODE #8

This week we’ll be focussing in on ransomware, whilst we’ve touched on ransomware more generally in a couple of previous episodes, today’s vlog will be honing in recent activity that’s affected our clients. We hope that sharing these recent developments will help give you some clues of what to look out for!

Ransomware is a much talked about topic and is generating a lot of publicity; it’s also something that we see crop up time and time again in our conversations with clients. We’ve actually had two incidents within the last couple of weeks that were very similar; fortunately both didn’t have a serious impact on their businesses. Fortunately our vendors were able to act fast and help mitigate and further nullify any potential losses.

The most recent feedback we have had from our brokers is that even though the threats are very real and very current, not all businesses see the need or think they are vulnerable and are not taking up the cover. In both these cases, we must stress, the businesses were non-digital, they didn’t have e-commerce; they had few digital aspects to their business (online banking, storing of employee data) they were exposed and fell victim. The way that the attack is happening is, the attackers are targeting the HR Department.

Attackers are targeting HR departments, quite simply because they are easy targets. They are used to receiving emails from unknown persons, whether it’s people speaking to them about opportunities within the company or correspondence with other businesses- either way HR are used to clicking on emails from strangers. Therefore, what’s happening is the ransomware email is opened by the unassuming employee, attached is a PDF document and an Excel spreadsheet. Whilst the PDF seems to be benign, the spreadsheet contains the malware designed by the attackers, to begin encrypting all of the files as soon as it is clicked open, asking for a bitcoin payment.

One of our goals and what we really try and work on is; We obviously want to be the insurance solution but as important, if not more, we want to be able to guide them offering them the tools to prevent. We’d much rather add value in that way, helping both you and the client, offering tools and resources through our offering that raises awareness of said potential issues, educating them with the aim on improving their risk management, preventing them from landing themselves in a sticky situation. Of course we’re still also there if it all goes wrong as insurers, but from our perspective it’s equally important to help them prevent as well as protect.

There are quite a few things that the insured can do, whether it’s having the right settings on their G-mail or Outlook, or simply keeping up to date with the right information. We’re always producing new material that contains all of the necessary pointers on what to look out for or what to be mindful of clicking on. We deliver this through our monthly webinars and weekly educational publications.
We wanted to bring this subject your attention, to make sure you keep your eyes open; especially with the high frequency attacks which have occurred over the past week. If you have any questions or want to learn more about the warning signs of malware and ransomware, as always please feel free to get in touch as We always enjoy hearing from you.

Tech

INTERNET OF THINGS & INDUSTRY 4.0 | NODE TV EPISODE #7

Hello and thank you for joining us for episode seven of Node TV. How time flies!

A huge theme over the last few weeks has been our excitement over the digital revolution. What we’re witnessing is incredible; as insurance brokers, underwriters and business intermediaries you’re trying to keep up with, as well as hopefully, trying to adapt and innovate with, is just phenomenal.

In light of that, one of the topics I have been asked about a lot over the last couple of weeks is Industry 4.0. Or more specifically, how we think the upcoming industry revolution is going to affect insurance.

Again it’s about understanding how fortunate we are to be at the very cusp of the industry’s fourth revolution. The first revolution, known topically as ‘The Industrial Revolution’ occurred in the eighteenth-century as the result of the discovery of steam power. Secondly, we have the mass-production revolution, assembly line production powered by electricity in the early twentieth-century. Then, of course most recently the third which kind of covers, the time through from the seventies to the nineties, where we saw the rise of computer and automation.

Now, we’re at the beginning of the fourth, the revolution that experts are referring to as the revolution of cyber physical systems. I think with the change that we are going to witness over the next twenty years, is going to create a very dynamic space within the insurance industry. Naturally, I want insurers to begin to look at this. I think it’s absolutely the right time to look at cyber liability insurance for clients; that’s the things we here about day in day out. That’s the data and the privacy, the business interruption, the infrastructure and network- the general hackable of side of things

But more than that, now is the time to look at the internet of things and the interconnectivity of devices and machines. It’s crucial to understand that with the progression that we are going to see happen over the next twenty years- the internet of things is not going to go away. We speak to insurance brokers all over the world, every single week and we’re constantly reminding them this. As well as doing everything we can to help them find confidence and assist them in discussions with the insured.

Frankly there is a lot of money to be made. We all like to do a deal, but also it’s a necessity, as it isn’t going to go back. We need insurance brokers based in all corners of the world to get informed and to get comfortable discussing the internet of things., the digital revolution and the technology standpoint. We’re at a point where manufacturing, is going to completely change, so it’s important to ground ourselves now.

I was actually reading a really useful study the other day, which has inspired me to collate together run some services off that are most going to be impacted by the industry 4.0. Within all service industries, we’re going to see a complete alteration of their business models. How people look at reliability in their infrastructure, the IT security, the machine safety, the product life-cycle, industry value-chain, work and education skilled economic factors. It’s all going to be turned on its head. I think it’s crucial that everybody starts to address and considers these. They say risk, I say opportunity!

We also believe that certain products around the cyber and ENO are going to have to absolutely change; thus again prompting a complete shift in the way in which we underwrite these types of risk. Perhaps most importantly, the information we will need ourselves, in order to underwrite these risks is going to change.

Whilst it might sound daunting, don’t lose sight of the excitement that comes with change. We’re really excited and hopefully you are and will be too. Get some confidence and start to have the conversations with the insured, as the industry 4.0 gains speed, you will see great benefit from being involved!

1 2
Recent Comments
    About Node International

    We provide leading comprehensive insurance coverage combined with essential cybersecurity prevention and detection tools.

    Related Links
    Cyber Insurance Newsletter

    Interested in Cyber Insurance?

    Privacy Settings
    We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
    Youtube
    Consent to display content from Youtube
    Vimeo
    Consent to display content from Vimeo
    Google Maps
    Consent to display content from Google
    Spotify
    Consent to display content from Spotify
    Sound Cloud
    Consent to display content from Sound