Cyber threats

Quick links
Accessing digital services and data is essential to run almost any organisation in the modern world. 

This has also created a new set of potential security and business continuity vulnerabilities. Over the last four years, cyber threats have been ranked as the top risk facing UK businesses by the Allianz Risk Barometer.

Any company holding data, or reliant on digital services, can be affected by cyber criminals, even if they aren’t targeted directly. Loss of data can happen all too easily – causing wide-reaching and highly damaging consequences.

Physical risks are also relevant in ensuring a robust cyber infrastructure. Power surgesfire, water and impacts can all cause damage and create difficulties for the organisation. Additionally, theft can be a problem. Not only the cost to replace equipment, but also losing work in progress, not to mention the legal, financial and reputational implications if sensitive information falls into the wrong hands.

Key actions to defend against cyber threats

  • Ensure that your processes and defences meet the standards needed to comply with the Data Protection Act, including the changes enacted by the integration of the General Data Protection Regulation into UK legislation in May 2018.
  • Make sure all IT passwords are changed within appropriate timeframes, are at least eight characters in length, and that they contain a combination of alpha, numeric and special characters.
  • Consider restricting information, websites and programs that can be accessed using your organisation’s equipment and internet connection. Only relax restrictions where it’s necessary, so an employee can do their job (e.g. social media for marketing).
  • Review how employees working remotely and outside organisations access your systems.
  • Provide information and regular training so employees and others who access your IT systems understand how a business can become the victim of a cyber-attack.
  • Use a reliable spam filtering service and educate employees so they recognise and don’t open emails that could be malicious.
  • Have a procedure in place ensuring access rights are promptly deleted when an employee leaves the business, an outside organisation no longer needs the access or if a connected device is lost or stolen.
  • Encrypt all drives, especially portable devices, so only authorised personnel can read the data within.
  • Keep firewalls, anti-virus and other IT security features up-to-date, and make sure the products being used are independently tested.
  • Check that any third party data storage facilities are independently audited and/or are accredited, as well as those that you own and operate.
  • Don’t forget to think about the physical risks that could affect devices and result in data corruption, loss or theft, such as burglary, accidental misplacement and fire.
  • Read through and act on our advice about data management to further protect yourself against cyber threats.
  • Consider applying for Cyber Essentials certification. This is required for certain UK Government contracts but is increasingly becoming necessary when working with large firms.

Relevant suppliers

We have a broad range of preferred suppliers whose products and services are available to Allianz Commercial policyholders at special rates, including:

Cyber security

Pre-employment checks

Key security

Business continuity

Additional resources

Getting the standard right

Find information on regulations that you and your business may need to comply with.
A-Z of legislation

Forms and checklists

Some of our templates may be useful when developing security systems.
Browse the range

Ask an expert

Got a risk management issue that you'd like to talk with someone about?
Send us your query
Frequently asked questions
Find answers to some common queries about securing property, vehicles and stock, and protecting people against potential threats.
Search FAQs

Related topics

All of these topics need to be considered to help protect your business and customers from cyber threats.
Contractors and temporary workers
Data management
Customers and other visitors
Employee fraud and theft
Flooding
Gaseous fire suppression systems
Inaccessible premises
Lightning and power surges
Loss of power or connectivity
Management of keys and access codes
Passive fire protection
Security fog systems

Useful links for cyber threats

More guidance and support on defending your business against cyber threats can be found at:

BCI (Business Continuity Institute)
BSI (The British Standards Institution)
CPNI (Centre for the Protection of National Infrastructure)
CREST – Ethical Security Testers
Cyber Aware
Cyber Aware - Cyber Essentials
Gov.uk – Data protection
ICO (Information Commissioner’s Officer)
ICO - Cloud computing
ICO - Guide to data protection
ISF (Information Security Forum)
ISO (International Organization for Standardization)
ISO - ISO/ IEC 27000 family – Information security management systems

Follow us