As a franchise business operating in today’s digitally connected world, your business faces several cyber liability risks. Typically, most franchisees do not consider themselves at risk for a cyber attack and have failed to take measures to secure their systems and data.
It’s important to first recognize the scope of your cyber liability risks and then learn how to protect against them.
Cyber Crime Is Big Business
For franchisees like you, cyber crime is expensive, causing damage or destruction to your digital files, stealing time and money away from your franchise business, and defrauding customers through the theft of their personal and financial data stored on your computers.
Costs balloon even more when you consider the risk of business downtime, expert IT support, business restoration, regulatory actions, potential judgements and reputational harm.
According to Cybersecurity Ventures, if the cost of global cybercrime was measured as a country, it would be the world’s third-largest economy after the U.S. and China. Cyber crime damage costs are already expected to hit $6 trillion this year, growing to $10.5 trillion by 2025.
Common Cyber Liability Risks for Franchises
The biggest cyber liability risks for franchises are:
Wire Fraud—A scheme to defraud or obtain money based on false representation or promises.
Wire fraud often targets franchisees in business to business transactions for investments, goods or services. In a recent case, an owner of several pizza franchise locations returned from an overseas business trip to discover $450,000 had been diverted out of his accounts in a wire transfer scheme. The cyber criminal had used the absent owner’s email account to arrange the transfer with his assistant while he was gone.
Social Engineering—A tactic often employed by cyber criminals for confiscating confidential information through manipulation of a person or business.
Social engineering can be used against franchisees to gain access to a franchise’s finance records or customer financial data by tricking an employee into giving the criminal access. Franchisees are at risk of social engineering attacks through business email compromise (BEC) scams.
In the case of the pizza franchise owner, the wire fraud was conducted with the executive’s assistant over email, after the criminals gained access and studied how the business operated.
Ransomware—A type of malicious software designed to block access to a computer system until a sum of money is paid by the victim.
Hackers can infect your systems through emails, downloads, filesharing or compromised websites. Ransomware can be used against a franchise’s local computer systems as well as franchisor systems your business depends on, locking up operations for days or weeks and impacting your reputation with customers.
Protection from Cyber Liability Risks
Franchises affected by wire fraud, social engineering and ransomware attacks have lost millions due to the interruption of their business operations and hit to their reputation. Here are ways to protect against the 3 key cyber attacks:
- Protect Against Wire Fraud
- Require approval of transactions by both parties.
- Verify by calling the phone number already on file and never confirm by email alone.
- Use a secure, dedicated computer for transfers.
- Enable email encryption to protect communications.
- Separate duties, limiting the overlap of duties related to financial transactions.
- Review account statuses frequently, looking for anything out of the ordinary.
- Train all staff thoroughly on computer safety and funds transfer best practices.
- Treat all emailed transfer change requests as potential fraud and verify and validate the payment details before proceeding.
- Protect Against Social Engineering
- Train employees on social engineering fraud risk.
- Control access to payment and transfer details.
- Never share confidential info over phone or email.
- Verify customer or vendor info for change requests.
- Always call ahead before making any large transfers.
- Double-check account numbers before you hit send.
- Report any suspicious emails or phone calls to your IT professional.
- Protect Against Ransomware
- Train employees to recognize ransomware attempts.
- Backup systems securely with offline storage.
- Always install new security patches and software updates as they become available.
- Turn on two-factor authentication for login access.
- Scan and filter email and web traffic for better safety.
- Monitor the network for unusual or suspicious activity.
- Limit access to protect employees and company data.
- Create an incident response plan to minimize risk if an attack does occur.
Franchisees should remember that even with the best training and safety practices, it’s still possible to become a victim of cyber crime. With the rise in cyber attacks on franchise businesses, it is important to protect against the costs associated with these attacks by purchasing the necessary insurance coverage.
To combat the risks, Lockton Affinity is providing access to CyberLock Defense. This a one-of-a-kind cyber liability policy offers:
- Full policy limits for cyber extortion and ransomware
- Business interruption expense and extra expense up to full policy limits
- Incident/claim intake managed by a law firm that establishes attorney-client privilege upon first contact
Along with this broad coverage, CyberLock Defense, administered by Lockton Affinity, offers flexible policy limits that range from $100,000 to $10 million. There are also no sublimits, so the policy limit you select is the policy limit you get. If you select a $5 million policy, you have full access to your $5 million policy limit, even for incidents of cyber theft, social engineering loss, ransomware and more.
Protect your franchise business today at CyberLockDefense.com or (844) 868-7144.