Small-fry Syndrome is said to also be based upon a lack of knowledge about how cyber criminals operate. Many businesses who refuse to buy it are not aware that they operate in a virtual goldfish bowl and are visible to any cyber criminal, through their data, their websites, their social media and the vast amount of data that exists about them on the World Wide Web.
They are also unaware that their fish tank could be the very thing that lets a cyber criminal into their systems and then into those of bigger fish in the pond.
Gauntlet’s managing director, Roger Gaunt, says: “Only 11% of businesses buy cyber protection, which is a frighteningly low percentage in the world that we live in, particularly when the cost of such protection is relatively low and the risk of becoming a victim extremely high.
“Businesses seem to be unaware of the fact that there are weak links in their armoury that are not just based on human error – typically opening a malware link or attachment – but also opening up to cyber criminals via the Internet of Things and our ever-increasing connectivity. If a connected device is not password protected, or does not have firewalls, it can easily become the gateway through which a cyber criminal can enter an entire connected system.
“We have christened the attitude of mind that is prevailing ‘small-fry syndrome’ because one known breach started when cyber criminals got into a system via a connected fish tank. From instances like this, the hackers both infect and disable the first business or individual’s systems and websites, but then find routes through to other bigger fish, using what is known as a stepping stones strategy. So, on that basis, smaller businesses are often very much the target, as they are the entry point into more lucrative sites where data can be stolen with the intent of committing fraud.”
Figures show that 85% of fraud is cyber-enabled, with criminals harvesting information once they have breached a particular site or network and then using it to their advantage.
At other times, criminals set up their own wi-fi hotspots, encouraging people to connect, so as to check their email and social media sites, so that another means of entry can be obtained.
Gauntlet, which has handled the insurance requirements of many bus and coach clients for over 25 years, as well as providing insurance to professionals who work on the road as sales people or consultants, says that this type of client needs to be particularly vigilant when it comes to wifi hotspot dangers. Tempting though it is to enter a wifi network that is not password protected, when in urgent need of connectivity, it can be your downfall.
The long-established broker is urging any bus and coach operator who has no cover to get in touch on 0113 244 8686, to discuss the type of cyber security they should have in place. Businesses do not have to know the jargon relating to the cyber world, as they will be guided through the cyber-insurance-buying process.
“We have to shake the ‘small-fry syndrome’ phenomenon,” says Roger Gaunt. “There are so many cyber sharks circling the fish tank all the time, that it is no exaggeration to say that every bus and coach operator should have cyber insurance in place. The costs of trying to put a breach right can bring a smaller operator to its knees, whilst any data breach could also result in action being taken under GDPR regulations. No business should be risking that.”