Sepoy-logo
No Result
View All Result
Monday, December 11, 2023
  • Home
  • News
  • Business
  • Health
  • Tech
  • Lifestyle
  • Economy
  • Crypto
  • Travel
  • Home
  • News
  • Business
  • Health
  • Tech
  • Lifestyle
  • Economy
  • Crypto
  • Travel
No Result
View All Result
SEPOY.NET
No Result
View All Result
Home Business

Municipalities, school districts are large targets

Nicholas by Nicholas
November 3, 2022
in Business
0

Lincoln College was 157 years old when it was permanently shuttered in May of this year. Over a century-and-a-half, the Illinois school had weathered world wars and the Great Depression, but it was a cyber attack that ultimately shut it down. Though the college paid $100,000 in ransom to the hackers in order to recover data, they weren’t able to come up with the additional $50 million required to continue their operations. The combined financial impacts of COVID-19 and the ransom attack closed its doors for good.

In 2018, the city of Atlanta was also a victim of a ransomware attack that targeted city computer systems and caused a disruption in municipal operations. The city paid an undisclosed amount to the hackers before pouring an additional $2.7 million into recovery efforts to improve systems after the attack.

For Barret McGinnis, these two examples perfectly illustrate the risks that municipalities and school districts face, and the types of claims he sees as Underwriting Manager – Cyber & Tech at Tokio Marine HCC – Cyber & Professional Lines Group (CPLG), a member of the Tokio Marine HCC group of companies based in Houston, Texas.

“Public entities store a significant amount of valuable data on students, residents or employees such as addresses, Social Security numbers, and compensation information,” says McGinnis. “We see them targeted time and time again because that kind of data gives attack groups quite a bit of motive – and often schools and municipalities are susceptible because of the lack of controls they have in place, making them a bigger target than some of the other industry classes.”

Paying the price

During a ransomware attack or any other network cyber attack, operations can be severely crippled. Schools are unable to take attendance, upload grades, access or update their website, or easily communicate with students and parents. Municipalities are unable to operate their court systems which stalls tax payments or other critical municipal operations and, on the extreme end, these attacks could target 911 or 311 systems potentially putting lives at risk. To continue core business operations, municipal offices are often forced to revert to pen-and-paper techniques instead of the streamlined software they’re used to, which causes severe delays in their day-to-day business.

Public entities are managing strict budgets, so a cyber attack can be devastating, as it was for the city of Atlanta. Though many of these public entities are federally funded and have called on the Federal Communications Commission to provide additional funding to help offset cybersecurity costs when an incident occurs. Due to the current inflationary environment, school districts and municipalities are reprioritizing their budgets and making cuts wherever they can. In some cases, they are trimming the cybersecurity budget.  McGinnis cautions against this, “the cost of a cyber insurance policy is minimal compared to the short-term and long-term costs at stake if a cyber attack happens.

“We continue to see ransom payments far exceed the cost to improve security systems or purchase cyber insurance, so my message is to invest now in advance of an attack,” he says, pointing again to the plights of Lincoln College and the city of Atlanta.

“Getting ahead of an incident by implementing the right controls, improving security systems, and purchasing cyber coverage is the best practice.”

The best defense is a good offense

There are several ways that public entities can take to prepare for and mitigate the risk of a cyber incident. One is to maintain offline backups of data. Specifically, immutable backups are the most desired form. This ensures that there is an unencrypted version of the data that can be recovered. Additionally, employees are often vulnerable to a variety of cyber attacks. Staff who have never been trained on cybersecurity threats, given any guidance on what to look out for, or participated in simulated trainings are often unknowingly leaving doors open to intruders. That said, with the proper training and a robust security system in place “the likelihood of a cyber attack drops pretty dramatically,” McGinnis says.

It’s also important to implement a disaster recovery plan, as it provides organizations with a viable alternative to paying a ransom and gives them a clear strategy in a moment of crisis. Lastly, it’s key to ensure that remote access to their network, for regular employees and for administrative or privileged users, is secured with multi-factor authentication. They can also implement an endpoint detection and response tool (EDR) which actively monitors system endpoints in an effort to detect, respond to, and mitigate the severity of a potential breach.

One of the ways CPLG has been responsive to the changing public entity risk landscape is the implementation of continuous non-intrusive network scans to identify and notify organizations of potential exposures – this is a key supplement to strong internal security controls and training. Potential insureds who have not taken steps to properly secure their systems will often not qualify for full ransomware coverage, given their high susceptibility to future attacks. For these insureds, there may be a sublimit for ransomware coverage. In this way, CPLG can still provide valuable coverage to clients while they are working to improve their security posture.

Control requirements, along with higher retentions, are largely commonplace in today’s current cyber marketplace for this specific industry class, McGinnis notes. The difference can be found in the type of relationship CPLG cultivates with its insured.

“We partner with our clients to provide access to critical risk management resources, security vendors who help improve IT security and expertise to stay on top of the looming cyber threats that are always out there.”

Barret McGinnis joined Tokio Marine HCC – Cyber & Professional Lines Group (CPLG) in 2016. As an Underwriting Manager, he leads the West Coast regional Cyber and Tech E&O underwriting team. Barret is responsible for overall team development and supporting CPLG’s underwriting efforts, offering a variety of insurance solutions that incorporate broad first- and third-party coverage for cyber, multimedia, and technology errors and omissions exposures.

Source

READ ALSO

Climate change battering municipal finances across Canada

Central banks in the spotlight: Why this week is crucial for world markets

Tags: Barret McGinniscyber securityTokio Marine HCC

Related Posts

Climate change battering municipal finances across Canada
Business

Climate change battering municipal finances across Canada

December 11, 2023
Central banks in the spotlight: Why this week is crucial for world markets
Business

Central banks in the spotlight: Why this week is crucial for world markets

December 11, 2023
'None of us have had much sleep': Countries urged to phase out fossil fuels on COP28's final days
Business

'None of us have had much sleep': Countries urged to phase out fossil fuels on COP28's final days

December 11, 2023
Thousands march in Brussels and Berlin against antisemitism on Sunday
Business

Thousands march in Brussels and Berlin against antisemitism on Sunday

December 10, 2023
Latest news bulletin | December 10th – Evening
Business

Latest news bulletin | December 10th – Evening

December 10, 2023
COP28: sticking points remain on fossil fuels as talks near crunch time
Business

COP28: sticking points remain on fossil fuels as talks near crunch time

December 10, 2023
Next Post
Dapper Labs cuts 22% of its staff and cites macroeconomic difficulties

Dapper Labs cuts 22% of its staff and cites macroeconomic difficulties

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

POPULAR NEWS

Roblox Is Unbreakable Trello Is this safe?

Roblox Is Unbreakable Trello Is this safe?

November 4, 2022
Discord Registered Games  Discord Registered Gaming You need to join the Club

Discord Registered Games Discord Registered Gaming You need to join the Club

November 4, 2022
How To Chose the Right Data Analytics Program

How To Chose the Right Data Analytics Program

November 4, 2022
Heavy explosion on market square in Halle – three injured

Heavy explosion on market square in Halle – three injured

November 4, 2022

Shivon Zilis Wiki, Height, Age, Boyfriend, Husband, Family, Biography & More

July 11, 2022

EDITOR'S PICK

An Interview With Samir El Mahallawy: Strategic Champion Of Enterprise

September 4, 2022

The Flavors of Backwoods Cigars: What Makes Them So Special?

August 2, 2022
How insurance helps when converting office buildings to housing

How insurance helps when converting office buildings to housing

September 29, 2023
Zain Khan Durrani Wiki, Height, Age, Girlfriend, Wife, Family, Biography & More

Zain Khan Durrani Wiki, Height, Age, Girlfriend, Wife, Family, Biography & More

November 18, 2022

About

Sepoy.net is a perfect place for people who want daily updates on news related to business, technology, entertainment, health, cryptocurrency etc.

Contact: [email protected]

Major Categories

News

Business

Tech

Economy

 

Recent Posts

  • Climate change battering municipal finances across Canada
  • Nur mit grünem Strom kann ein E-Auto klimaschonend sein
  • Central banks in the spotlight: Why this week is crucial for world markets

Pages

  • About Us
  • Contact Us
  • Disclaimer
  • DMCA
  • Home
  • Privacy Policy

© 2023 Sepoy.net

No Result
View All Result
  • Home
  • Business
  • News
  • Health
  • Tech
  • Science
  • Lifestyle
  • Travel

© 2023 Sepoy.net

x