Nainen tutkii omaisuuden ja toiminnan kyberriskejä tietokoneellaan.

Property and operational risks

Cyber risks

Taking care of data security is of utmost importance for securing the continuity of your business. Loss of reputation may hit your company even harder than the actual financial loss. This is why you should ensure that your company’s data security is tight and up to date.

Manage your company’s cyber risks

  • Check that the technical basics of data security are in order: anti-virus software, firewalls, encryption, limitations on using portable media, etc.
  • Make sure that your products and services are secure.
  • Categorise all data and make confidential information secure.
  • Create a “clean slate” culture for your whole organisation.
  • Provide data security training for your entire staff, keep them up to date on threats and test their know-how.
  • Retrain, re-test, reward for sound data security practices, motivate a good data security culture.
  • Know the data security regulations of each country in which your company operates.
  • Create a continuity plan for your company in case of data breaches or cyber attacks.
  • Inspect your subcontractors’, service-providers’ and outsourcing partners’ data security risks relevant to your business and protect your company from them with comprehensive contracts.
  • Create a social media strategy for your company and prepare for crisis communication also in social media.
  • Ask an external party to attempt access to your systems and to test the vulnerabilities of your company network.
  • Keep your company’s senior management and board of directors up to date on cyber risks and their management.

An EU regulation pertaining to the protection of personal information 

An EU regulation improving the rights of registered persons and setting new responsibilities for data controllers has been approved by the European Parliament. 

The reform puts an emphasis on data controllers’ personal information protection practices that are either preventive or built into their daily operations. High-level data protection must be a part of the daily operation of organisations. Data controllers are to name a data protection officer whose responsibility is to ensure that the data controller acts in accordance with the personal information processing rules. The data controller must inform the controlling authority and, if required, the registered person if a data breach has taken place.

In addition to this, the controlling authority has the right to enforce a penalty on the data controller for breaching data security rules. The penalty may equal several percentages of the organisation’s revenue.

Protection instructions
For entrepreneurs, the least costly loss is one that can be prevented altogether.
 
By following our safety regulations, you can prevent losses and reduce the amount of damage and harm to your business.
Nainen istuu kannettava tietokone sylissä ja pohdiskelee mitä kaikkia tietoturvariskejä hän välttää kybervakuutuksella.
Is your company prepared for data damage?
Cyber-thieves can steal your company’s most valuable asset: information. Cyber-insurance protects your business continuity.