'Code Red' virus called off

Although the much-hyped 'Code Red' computer virus turned out to be a paper tiger, business should not turn a blind eye to the very real threat of cyber sabotage.

Last week, concern over Code Red's next onslaught, scheduled for midnight on July 31, was so great that the FBI was enlisted to try and halt a potential internet meltdown. In the event, however, the virus caused little more damage than that other over-hyped cyber monster, the Millennium Bug.

However, small businesses which depend on the internet need to be doubly vigilant against new cyber threats.

Companies should be aware that their computer systems are always at risk of disruption caused by hackers, cyber-thieves and viruses. Moreover, since cyber-villains are always changing their tactics in keeping with the dynamic nature of the web itself, it is difficult to design a truly foolproof set of defences.

SMEs may justifiably complain that they lack the financial, technological or human resources to implement a full electronic risk management programme, but that doesn't mean they are completely defenceless. Insurers have recently started to offer internet-dependent companies comprehensive policies against cyber-theft or vandalism. Small firms lacking the time or the technological savvy to build up their own specialised firewalls say that these are a cost-effective way of defending their business from cyber-attack.

While more and more 'E-surance' policies are coming onto the market, insurance experts warn that their cost can vary considerably.

"The difficulty lies in the fact that e-commerce is based on information, which is a lot harder to control and protect than, for instance, goods in transit. This means that the cost of the cover will vary greatly depending on the nature of the business," said a BIBA spokesperson.

One company that is specialising in E-surance for small businesses is www.clickforcover.co.uk. It is offering a new policy aimed at SMEs which, appropriately enough, can be bought over the internet. Click for Cover claims to have carried out extensive research to develop a package that is affordable and also relevant to SMEs.

One of its most worrying findings was senior managers' lack of awareness, the company says. David Walsh, managing director of clickforcover, explains: Threats such as viruses, hackers, information misuse, fraud and libel have the potential to cost businesses dearly in lost business, expensive law suits and damage to reputation, yet few are insured against it.

According to their research, of 500 companies surveyed few had taken even the first step to protect their computer systems adequately. Two-thirds of small businesses said that they do not have a firewall in place to protect against intrusion, and 76% say that they have installed virus protection software, but not on all of their systems.

If all viruses were as toothless as the Code Red worm, these companies would be risking nothing. However, it is not only possible but likely that the next computer virus with global reach will be far more destructive. Last year's Melissa virus, which disabled websites around the world, costing companies millions of dollars, illustrates the danger of surfing the web unprotected.

Typically, a company ought to take out insurance against business interruption, system recovery, and forensic tracking, along with possible legal costs stemming from e-commerce disputes. Whatever the scale of a business's e-related activity, professional advice is essential.

Companies should check existing insurance policies and look into buying more specialised cover. To find a broker contact the BIBA at www.biba.org.uk or call 020 7623 9043.