“We quickly understood that it was a very serious accident”, remembers Gilles Gault, general manager of an accounting and consulting company with 700 employees in New Aquitaine. This weekend in October 2020, a computer operator noticed an abnormal display on his screens; on Monday morning, all of the company’s servers were down.
The origin of the cyberattack will be quickly identified: an employee accidentally opened a file attached to an email, allowing a virus to contaminate the entire computer system. This will be followed by a week of emergency crisis management and two months to achieve complete recovery of the systems. A period which could have been even longer if the company had not taken out an insurance contract against “cyber” risks, which enabled the very rapid intervention of a specialized service provider.
“They played the role of emergency workers intervening at the scene of the accident”summarizes Mr. Gault. “The first hours are crucial”adds Romuald Blondel, general manager of Cybex, this service provider. “If we do not take the first measures in less than four hours, we risk phenomena which aggravate the impact of the incident and complicate the investigations. »
This type of crisis in small and medium-sized businesses (SMEs), or even very small businesses (VSEs), insurers and their service providers deal with up to several dozen per day. However, cyber insurance is still not widespread. According to the annual study by the Association for Enterprise Risk and Insurance Management, published in May, the coverage rate was, in 2022, only 3.2% for SMEs and 0. 2% for microenterprises compared to 94% for the three hundred main French groups.
The dynamism of the large business market largely explains the growth of more than 50% of the French cyber insurance market in 2022, with 327 million euros in premiums collected. However, in SMEs and VSEs, progress is still slow, while risks are constantly increasing.
Four types of scams remain predominant: viruses, phishing (phishing) – messages attempt to lead their recipient to communicate confidential data –, “president fraud”, in which a crook usurps the identity of a company manager to have a transfer made for his benefit, and ransomware (ransomware), which encrypt all company data and then demand payment of a ransom in exchange for a decryption key.
You have 70% of this article left to read. The rest is reserved for subscribers.