Cyber and Data Risk Management

Cyber and Data Risk Management
Increased digitalization, the development of Artificial Intelligence and cryptocurrencies, and an overall rise in cybercrime activities have impacted all sectors of the economy, including the art world. How can you better protect yourself and minimize your risk?  
In this article, our team examines three areas of increasing cyber risk: third party cyber risk (systems and platforms), non-fungible tokens (NFTs), and the changing regulatory environment.
 
Third Party Risks 
The art world is increasingly using technology to support its activities. Threat actors often target vendors, such as payment or communication systems, as access points to carry out malicious activities.  These systems contain sensitive customer and business information that can leave organizations vulnerable to ransomware attacks and cause reputational and business harm. Additionally, the increased reliance on technology for moving art exposes owners and galleries to loss of property, money, and trust.  

The Cyber Risks of NFTs
In recent years, emerging artists have turned their attention to unchartered digital platforms to showcase their work, with interested buyers and collectors increasingly looking to bid on and purchase the virtual assets. NFTs are gaining traction but their use carries inherent cyber security risks. 

•  Private ownership keys for NFTs are often stored on local computers in “personal wallets”, which, if compromised or lost, might be virtually impossible to regain. 
•  Digital asset trading often involves the use of “hot wallets”, connected to external servers that can be compromised.
• Third parties such as payment processors, smart contract / technology service providers and blockchain payment platforms might have weak security on their own apps and websites, which makes the assets susceptible to compromise through a supply chain attack.

Vanessa Leemans, the Chief Broking Officer for Aon’s Cyber Solutions EMEA, further discusses in an article  the risk of NFTs and proactive approaches to digital asset risk management.

Changing Regulatory Environments
The anonymity of the art market has historically enabled the criminal exploitation in the form of money laundering. To tackle this issue, recent regulatory changes were implemented in the EU, UK, and the US.

In the US, the latest regulatory changes affecting the art world to reduce art market money laundering has been the 2021 National Defense Authorization Act (NDAA). 

This act, expanded the US Bank Secrecy Act (BSA) to include requirements to the antiquities trade. In addition, this act mandated a study ““on the potential expansion of BSA requirements to persons engaged in the art trade”¹.

Ana Pereu, an Intelligence Consultant in Aon’s Cyber Solutions team, discusses these regulatory changes and ways to proactively implement a scaled due diligence program to meet the changing regulatory environment and compliance standards.  

Real Life Scenarios
The below are just a few examples of real-life scenarios of online security breaches that affected the art world

•  In 2020, through a ransomware attack, hackers stole private information from donor lists of over 200 institutions, including the Smithsonian Institution
•  In 2019, the Asian Art Museum of San Francisco was subject to a ransomware attack. Thankfully through the help of the city’s IT security, the museum was able to protect its data. 
• Nearly 3,000 subscribers to a New York City art gallery website had their names, email addresses and passwords posted to the internet by an unauthorized user². 
• Hackers broke into the servers of an art school in West Lafayette, Indiana stealing personal information of 1,200 students, graduates, professors, employees, and vendors³.

The Value of Huntington T. Block 
This article was written in partnership with the Aon Cyber Solutions Team. All articles can be accessed on the Aon Cyber Security website at: https://www.aon.com/cyber-solutions/thinking/
At Huntington T. Block (HTB), we share your enthusiasm for art. HTB is the oldest and largest managing general underwriter of Fine Art Insurance in the United States and has been an operating unit of Aon plc since 1992.  To learn about our fine art insurance solutions, get in touch with Huntington T. Block at HTBinfo@huntingtontblock.com  

¹ https://www.fincen.gov/national-defense-authorization-act
² https://bizlock.net/downloads/F-11057-420%20HTB.pdf
³ https://bizlock.net/downloads/F-11057-420%20HTB.pdf

Download PDF

Huntington T. Block Insurance Agency, Inc. is a licensed insurance producer in all states; Texas License #17489; operating in CA under license # 0825502. © 2021 Affinity Insurance Services, Inc.

 X-14283-0621