Cyber security: a changing threat

words: Brian Hart, SAIFInsure

In the difficult times that face us all currently, we shouldn’t lose sight of the increasing threat of cyber attacks.

Funeral directors have always been considered one of the lower risk professions, but the scammers and cyber criminals have become ever broader in their targeted ‘market’ and methods of attack.

This challenging time has meant that the workplace is changing for all businesses, in some cases probably on a permanent basis, with more and more people working from home. Consequently, it’s important to ensure that your business is protected wherever this broader workplace may be.

Technology

  • You should ensure you have a virtual private network (VPN), which gives you a protected private network connection. This provides a number of security features, such as hiding IP addresses, encrypting data transfer and masking locations. If you’re utilising an employee’s device, you should also ensure that additional encryption is in place should it be stolen. If you already have a VPN, that is an excellent start, but do remember to keep it fully patched, and remember that the number of licences, capacity and bandwidth may need to be looked at if the number of remote workers has increased.
  • Ensure that all remote work technology has the same account access restrictions as your on-site software and that only trusted, competent staff have access to it.
  • Antivirus and malware protection should be installed and maintained to ensure that your security is up to date.

We at SAIFInsure incorporated a small level of Cyber Insurance cover into our standard commercial policy to protect against basic third party losses and while we would like to go further as standard, this would increase the costs of the general package policy substantially and unnecessarily in most cases.

We appreciate that some have a large number of offices with more sophisticated systems holding sensitive data, such as payroll and payment details, whereas others will be smaller operations holding very little as they may sub-contract payroll and HR matters.

There has been an increase in the number of phishing and malware attacks and an increase in the number of funeral directors contacting us asking for a quotation to increase their coverage accordingly, including first party cover (cover for yourselves and not just third parties).

The argument has traditionally been whether this is something that only really affects large companies and those in the financial services and media world. This takes us neatly into the area of what a cyber attack could really look like, its impact and what needs to be done to remedy the situation. Below are three scenarios which affected small to medium-sized businesses and were paid under a cyber policy.

Claims examples

Scenario 1: Employee Error

An HR recruiter sent an incorrect file attachment to four job applicants. The file contained various former employees’ names, addresses and National Insurance details.

Outcome under Privacy Liability

Defence expenses from regulatory investigation: £55,000

Defence and settlement costs for claims that employees had their ID stolen: £100,000

Incident Response Expenses

Managers’ fees: £5,000

Notification to affected individuals: £3,000

ID theft monitoring services for affected individuals: £13,000

Legal consultation fees: £10,000

The overall cost of a simple human error was £186,000.

Scenario 2: Ransomware Attack

An employee of a manufacturer clicked on a malicious link in an email, which caused malware to be downloaded onto the company server, encrypting all of the information. A message was then received demanding £10,000 in Bitcoin within 48 hours.

Outcome under Network Security Liability cover and Cyber Extortion

Cyber extortion costs – IT consultant fees to assess back up options: £14,000

Incident Response Expenses

Forensic investigation to locate malware, its impact & containment: £18,000

Legal consultation fees: £7,000

Incident response manager fees: £6,000

Data asset loss – replacing lost/corrupted data: £15,000

The overall cost was £60,000, more than the ransom demand, but ransom payments are discouraged by law enforcement agencies, and paying still leaves weaknesses within the company for future occurrences.

Scenario 3: Media – Disparagement via Email

An employee sent an internal email containing negative comments about a service provider. This was forwarded and eventually found its way outside the business and, ultimately, to the service provider. A lawsuit was then brought against the company for damaging the service provider’s reputation.

Outcome under Media Liability

Defence and settlement costs for claims from third party: £150,000

Incident Response Expenses

Crisis communication services: £12,000

Public relations for reducing reputational impact: £16,000

Incident response manager fees: £3,000

The overall costs were £181,000 for an internal email with negative comments.

While the overall risk remains low compared to other sectors, it nevertheless remains. Please do contact us by email or call us on 0203 603 4194 for a bespoke cyber quote with limits and covers attuned to your business’s individual needs.
