Cyber security threats for letting agents and property professionals

If you run a letting agency and believe your business is too small for hackers to bother with, then think again.

Big businesses tend to grab the headlines – like the recent British Airways data breach and the WannaCry ransomware attack on the National Health Service.

But nearly half of small businesses (46%) in the UK had reported a cyber attack within the past 12 months, according to recent government research, while 39% had no cyber security management plan because they judged their firms were too small for hackers to attack.

Cyber attacks are expensive in terms of reputation loss, compensation to customers, and downtime while networks and web sites are offline for repair.

The average cost of a repair following a hack was £1,380 and each business suffered an average of two security breaches in the 12 months covered by the survey, says the report.

 

Assessing the risk of a cyber attack

The implications of the breaches were ongoing for businesses:

  • 37% needed to upgrade security
  • 33% incurred extra staff costs to deal with the incidents
  • 23% were forced to stop day-to-day working
  • 19% had extra bills for system and data recovery or repairs

The first step in dealing with a cyber attack is recognising that your network, web site and data are at risk and it’s likely that someone will try and breach your security sooner rather than later.

Accepting the risk leads to considering what to do about a cyber attack.

This means sitting down with your IT department to run an audit or risk assessment to put  basic security in place and to develop an action plan that is triggered by a cyber alert.

 

Emergency response

What to do next depends on the urgency of the incident and the impact on the business and customers.

Incidents can range from negligible – such as receiving spam emails or antivirus warnings – to critical.

Critical incidents would typically involve data loss and denial of service attacks on public-facing web sites.

The aim of the action plan is to identify the category of attack and what to do next.

The emergency response would include how to protect systems and data while assessing how to resume normal business as soon as possible.

Cyber insurance as part of business cover would step in at this stage.

 

How cyber insurance can help

Expert help would cover several aspects of dealing with the incident, like:

  • Minimising any damage to reputation with a media team
  • Forensic professionals to gather intelligence and preserve evidence for a prosecution
  • Technical support to repair any system damage

Cyber insurance may deal with the cost of a security breach, but the government’s National Cyber Security Centre advocates taking steps to safeguard networks and data before hackers attack.

Surprisingly, only 57% of small businesses carry out a risk assessment or security audit to safeguard against cyber crime.

Small businesses also lag bigger firms in implementing cyber protection, with 73% having security in place, compared with 96% of larger organisations.

[Data source: https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2017]

Premiums start from £12.60* a month

*Based on £100,000 worth of cover. Plus insurance premium tax (IPT) currently at 12%.