Every business should have a good understanding of the risks it faces.
Over the past few years those risks associated with technology and the internet have created a whole new sub-genre called cyber business risk. Whilst there are not too many new and emerging physical risks for most organisations, as fire, flood and property crime have been well understood for decades, cyber risks seem to be boundless in their ability to disrupt with a constant churn of new and innovative threats.
One significant cyber threat emanates from the use of email and attachments.
As email is all pervasive, attachments have become the preferred way to send quotes, invoices and literature. In support of this, vendors have been adding richer functionality to their document standards enabling the document to be more than just a collection of words. These additional features provide hackers and criminals with novel ways to implant criminal malware inside businesses to steal and corrupt data.
To address this problem, business needs to consider the use of content assurance tools that thoroughly examine, test and remediate business documents that have drawn the attention of hackers. Traditional anti-malware is no longer sufficient, only specialist tools will do the job.
Not every risk can be managed to a point that it will no longer affect a business. To that end, cyber liability insurance should be considered alongside content assurance, technical controls, governance, policies, procedures and end user education to provide stable and firm cyber risk management.