Information technology has helped Adventist ministries overcome barriers of time and distance at lightning speed. We’re truly connected, allowing us to better advance our mission. However, it’s important to stay up to date with the latest cybersecurity strategies and protect our digital assets. Simona Cardwell is Account Executive (AE) for the North Pacific Union region and has decades of experience helping clients gain proper insurance coverage and safeguard their ministries from cyberattacks. Cardwell sat down with us to talk about how one of her clients overcame a recent cyberattack and why adequate coverage should be a priority.Konstantin Kulakov: Information technology continues to improve our ministries, emphasizing the importance of cybersecurity strategies with a proven track record. Have any of your clients recently experienced a cyber issue and could you tell us what was at stake?
Simona Cardwell: In the summer of 2023, one of my clients, a large school with a large construction project was making payments to a construction company. Their finance manager received an email message from someone who identified themselves as a representative of the construction company. The email stated that the company changed its bank account and asked them to make payments to a different bank account. The school finance manager made a payment over $400,000 to the new back account.
When the next payment was due, the company called and shared that they had not received the last payment due. What started as a phishing email developed into a full-scale social engineering attack, emphasizing the importance of cybersecurity awareness. If it was not for that call, the losses would have been bigger. Thanks to their coverage status through both Chubb and Beazly, both of which we offer, most of the loss was covered. If they did not have the coverage, they would have been out over $400,000. However, the incident did cost the school money, emphasizing the need for not only insurance coverage, but prevention.
KK: These incidents are more and more common. They can be very challenging for organizations and communities. What can schools learn from this incident in terms of insurance, prevention, and safe practices?
SC: Two things. Ensure that you are adequately covered for cyber breaches with your conference or ARM Account Executive. Second, do not send money to anybody until you call a trusted, direct telephone line and confirm. There are other concerns to consider. Schools and other ministry leaders should talk to their conferences about the limits, specifics, and expectations of their plan. If they do not follow the expectations of their plan—for example, engaging in unsafe cyber-related protocols— they can have claims denied. If you are a school or church, speak with your conference about cyber coverage. If you are a conference, reach out to your ARM Account Executive to ensure you are offering the best options to your ministries.
One of the options that may be accessible to schools is the Ninjio platform. Ninjio offers engaging, short videos on reducing cybersecurity risks. ARM website also offers infosheets, webinars, and articles on phishing and cybersecurity. Talk to your conference risk manager to confirm.
KK: Technology offers so many fantastic opportunities. It can also be used to take advantage of the ministries we care about. How can better insurance coverage and safer cyber practices enhance the mission of ministries?
SC: If you have less losses, you are not spending so much money in premium. In turn, that money can go to ministry. There’s also another level to this. If a community does not feel safe, that community may grow apart, and prospective members may feel discouraged. However, having a safe and inviting ministry builds confidence in your community. Cybersecurity protects your community, builds trust, and helps others feel good about your school, ministry, or organization.