Cyber attacks targeting more small, midsize businesses: PanelPosted On: Apr. 16, 2012 12:00 AM CST
CHICAGO—The nation's small and midsize businesses are becoming more vulnerable to cyber crime, experts warned during an event hosted by the Chicago Council on Global Affairs.
Howard A. Schmidt, special assistant to the president and cyber security coordinator for the White House, said cyber crime threatens every aspect of life.
“Information networks are increasingly the backbone of our economy, infrastructure, national defense and personal well-being,” Mr. Schmidt said during the event last week. “Unique to cyber risk, there is no shortage of threat actors—whether they be local or international criminals or nation states.”
Mr. Schmidt said that as large corporations and the U.S. government divert more resources to defending against cyber crime, criminals will seek to exploit smaller entities with less wherewithal to defend themselves.
“As big businesses get better at protecting their assets, criminals are not going to give up; they are just going to look for the next set of victims,” he said. “So small and medium-sized businesses and state and local governments are now on the front lines of this even more than some of the large enterprises.”
While stand-alone cyber risk policies have been around for more than a decade, they have become more popular recently, said Lori Bailey, global chief underwriting officer of professional liability, Zurich Insurance Group.
“The numbers of companies that are buying (cyber insurance) is increasing,” Ms. Bailey said. “Also, the coverage has moved from a policy offering to more of a service offering. It's now about making sure that there is a team behind the policy making sure a company is prepared to respond to incidents.”
While the insurance industry and security professionals have made headway understanding cyber risks, greater awareness of information security is needed, she said. An employee clicking on a phishing email can nullify even the most carefully crafted security plan. “The process and technology part of this we get,” she said. “Social engineering has gotten very sophisticated and it is absolutely a driver of claims. People remain the problem.”
The event, “Cybersecurity: Protecting the Global Network,” was sponsored Schaumburg, Ill.-based Zurich Financial Services Group and convened leaders from business, government and academia to discuss the issue.