Dec 2015
Cyber-risk: It’s About Being Human
banner image

Cyber-risk threatens every business that involves people. Fear not – Carbon met up with Jan Wilkins and Steve Morgan from Creative Risk Solutions to get some answers for you. Read on and learn how to protect your company and its reputation.


You’re probably imagining a nightmarish scene straight from Asimov. Or a nerdy criminal scheming menacingly over a keyboard.

Let’s clarify. Cyber-risk is the risk of economic damage arising from electronic systems. And yes, cyber-crime does happen to businesses. Motivated, intelligent hackers reach in and mine your data. Often, they attack your systems to access the companies that you have relationships with.

But as account broker Steve Morgan points out, it’s not all about hackers. “When it comes to cyber-risk, the phrase ‘hacking’ clouds peoples’ minds. In actual fact, most of these incidents happen due to human error or disgruntled employees.”

Companies like Carbon love developing a nurturing work culture. Could putting people first stop unhappy employees handing out cyber secrets?

‘Unfortunately, it’s not just about a happy workforce. You simply can’t eradicate risk,’ warns Jan Wilkins, Managing Director of Creative Risk Solutions.

Cyber-risk is no sci-fi story about big bad technology. It’s about the little things. The memory-stick you forgot. The email sent astray. The phone-call where you were just trying to be helpful. Steve Morgan explains: “You may have insured a laptop you left on the train. Great – just go out and buy another one. But what about the damage to your company when you realise that all your trade secrets were stored on said laptop?”

There are some things PC World can’t replace…


So who needs to worry about cyber-risk? It’s not about who you are. It’s about what you do. Cyber Risk Solutions are vital for all businesses that look after people. In your hands, in this case your virtual hands, you hold valuable personal information. This data encodes a basic human instinct: peoples’ need to feel safe.

As a fast-growing, disruptive venture, cyber-risk might well be at the bottom of your to-do list when it should really be at the top.

Data is in demand. Easy to access data is particularly tempting. For start-ups and SMEs, their name is everything. Small but perfectly formed reputations are just as vulnerable as those of the bigger players such as Talk Talk.

Picture the confusion. Your systems go down whilst you sort out a problem. Summoning your resources, you bravely absorb the shock of closing for business. Now, word gets out that you don’t look after your people’s information. And you have to build momentum all over again – this time, with a name that’s a little bit worse for wear.

Jan Wilkins says the PR factor is one of the biggest threats. In this bold new world of social media, a bad-name can spread like wildfire. Don’t forget, if a cyber ‘ghost’ appears, you won’t just be throwing money at the technical problem – there’s reputation damage to take into account too. That’s why a Cyber Liability Insurance Policy also helps fund your PR exercise to minimise reputation damage.

And for good reason! Check out this recent study by Deloitte. A momentous 73% of consumers they asked would reconsider using a company if it failed to keep their data safe. Only 51% would reconsider using a company that charged more for an equal level of service than other firms.

Think about it. Do you rely on delivering a better value service than other names in your field? Maybe priorities need rethinking!


The thing is, cyber-risk is an invisible threat. Jan explains: “You can’t just plug the leak or patch up the window.” People often avoid talking about cyber-risk because it’s scary. Maybe they ask their IT expert whether there are systems in place to deal with cyber-risk. The IT expert, feeling a bit criticised, mutters a series of outdated software ‘barriers’ or ‘safe-guards’. And the problem – the scary, intangible threat – goes away.

Except that it doesn’t. And when something happens, you realise just how human you are. You can’t just phone up the local bobby to cycle over as fast as his legs will carry him!

“There’s a word for what my clients experience at a personal level,” Jan says. “Devastated.”


So now we’ve terrified you, how about a solution? There are three simple things you can do straight away:

1. The first step is understanding your responsibilities. As a business, it’s up to you to protect your people against cyber-risk.

2. The next step is thinking about your risks. Where do your weaknesses lie? What have you already done to protect your reputation?

3. Pick up the phone and speak to your risk advisors. We love the friendly, flexible team at Creative Risk Solutions. They’ll help you assess your risks, and sort out the support you need.

It’s not all doom and gloom. We live in an amazing era, where we enjoy a symbiotic relationship with technology. “It’s like the industrial revolution”, Jan says enthusiastically. “It brings with it some really exciting possibilities for businesses, but it also brings new risks.”


Cyber-risk is not just the stuff of robots and keyboards. It’s at the heart of what we all do as innovative businesses. It’s in the elbow grease, sweat and tears that go into growing your team. It’s in the smile that your work inspires in other people. Without these things, cyber-risk would not exist, because there would be nothing for you to lose.

Put simply, cyber-risk is not just the risk of economic damage arising from electronic systems. It’s so much more than that. It’s about being human.