Is there a greater risk of your office being destroyed by fire or flood or business data being seized or corrupted by criminals demanding a ransom fee to restore it.
Would most professional firms find it easier to recover from the loss of its physical premises than to recover from the loss of its computerised data.
Professional indemnity underwriters are starting to enquire about the procedures their insured clients have in place to guard against cyber fraud. This increased scrutiny has to be seen in the context of an increasing number of cyber-related claims against professional firms.
Several conveyancing firms have reportedly received fake emails that appear to come from their clients, often late on a Friday afternoon, providing bank account details into which they instruct that the proceeds from property sales are to be paid. Only after funds have been transferred has it become apparent that the clients’ email accounts had been hacked and the email instructions had, in fact, not been sent by the clients themselves but by criminals masquerading as them.
Firms of accountants have also found themselves targeted as instructions to pay suppliers are sent to them that purport to come from clients but which actually originate from hacked email accounts.
Typically the hacked emails look very convincing.
Falling victim to a scam may just be a matter of bad luck but there are certainly steps that can be put in place to minimise the risk. Not only is it important to take preventative measures but, equally, if a firm faces a claim from a client arising from cyber-fraud, it will be of critical importance in the defence of the claim to be able to demonstrate that the firm had taken all reasonable steps to minimise the risk.
Polemic Forensic provide risk assessment services in relation to cyber crime and fraud.