What are Meltdown and Spectre?

In early January, two techniques dubbed Meltdown and Spectre were revealed that could enable hackers to compromise crucial data such as passwords and encryption keys, from vulnerable computers. These include mobile devices and servers running on cloud computing networks.

Meltdown flaw

Meltdown affects nearly every microprocessor made by Intel, which makes chips for more than 90% of computer servers that underpin the internet and private business operations worldwide.

Vulnerabilities by themselves do not lead to data breaches. While they pose a threat, it is only when a criminal uses the vulnerability to launch an attack that a breach is possible.

Spectre flaw

Spectre is more difficult to exploit and much trickier to fix, according to researchers. While the Meltdown flaw is specific to Intel, Spectre has been issued by many processor manufacturers.

While broader than most known vulnerabilities, it is unlikely that Meltdown or Spectre will lead to a significant increase in cybercrime, or insurable loss,” Joshua Motta from Cyber Security specialists Coalition commented. This event demonstrates that cyber risk affects everyone, everywhere. This flaw is neither the first, nor will it be the last. While insurance cannot eliminate cyber risk, it’s the only tool that can eliminate the cost of cyber risk.

Cyber risk affects everyone

What impact will these integral cyber flaws have on the cyber insurance market? For a long time business interruption (BI) cover has protected companies from interrupted (or lost) income caused by unexpected events such as fires or floods. But in the digital age, non-physical interruptions often pose the greatest risk. This is why Cyber Security Business Insurance is so important.

How to be prepared

Despite being one of the fastest growing risks for Australian businesses, many organisations have not prepared for the financial impact of an interruption caused by a cyber event.

Data and trends indicate that organisations should operate on the assumption that cyber attacks will occur and that such attacks will remain a constant challenge. Sadly it isn’t a matter of if but when a data security breach will happen.

Types of Cyber Security Business Insurance

There are several important areas of cyber security for businesses to take into account. These include:

  • Privacy Liability (including suits by customers arising from system security failures that result in potential or actual unauthorised access to or dissemination of private information on the internet)
  • Content Liability (including suits arising from intellectual property infringement, trademark infringement and copyright infringement)
  • Reputational Liability (including suits alleging disparagement of products or services, libel, slander, defamation and invasion of privacy)

To discuss the appropriate Cyber Security Business Insurance for your organisation please call us on 1300 787 789