According to a recent Accenture study South Africa reportedly experiences 577 malware attacks per hour resulting in losses of R2.2 billion per year. Cybercrime is undoubtedly one of the most serious risks that businesses today face. In the past, many businesses, especially smaller ones, may have deprioritised cyber security insurance but now, with advancements in technology and the rise in remote work, it is a crucial part of any risk mitigation strategy.
Philippa Wild, Head: Commercial Underwriting from Santam says, “Cyber security is important for everyone with an online presence, more so for businesses with the responsibility to protect customers and their information. The ramifications of not having adequate cyber insurance can be severe. As businesses incorporate more e-commerce into their business models and grow their online presence, it becomes increasingly important to be protected from cyber criminals.”
Why should businesses care about cyber insurance?
One great advantage of having cyber insurance is that it enables a business to bounce back from specific business interruptions and financial losses incurred because of cybercrime. Cyber insurance also helps with the practical side of getting IT experts to restore systems, recreate data and pre-empt new threats. Cyberattacks can result in:
- Liability for accidental loss of data.
- Liability for loss of data and its consequences by deliberate, dishonest, negligent, and fraudulent means.
- Accidental damage caused by computer-driven property or equipment.
- Loss or damage caused by failures or computer malfunction.
- Loss, damage, and liability caused by algorithmic errors and malfunction.
- Loss of intellectual property, reputation, and business opportunities.
Insurance can help protect a business against these risks. The insurance contract will contain all the necessary details for a client to understand how and to what extent they are protected in the event of a cyber attach.
Which businesses are most at risk?
The simplest answer is that any business that has any kind of online presence or stores customer data should invest in cyber insurance, but this is especially true for businesses that do the following:
- Storage of credit-card data: You could be exposed to security breaches in terms of your customers’ confidential information, running the risk of liabilities occurring from breach of their privacy.
- Storage or processing of sensitive third-party data: You could have contractual liability if third-party data is leaked, in addition to harming the brand’s reputation.
- Uses a transactional and interactive website/e-commerce platform: This means you could face regulatory penalties if a breach were to occur.
- Using a cloud service provider to store sensitive information: You could be held accountable for any information lost during a breach of the system.
How to protect yourself:
Most importantly one needs to have a holistic risk mitigation strategy in place and take proactive steps to minimise the chances of a cyber-attack. This is called maintaining good digital hygiene. Employee education is key to this and taking these steps will help keep all stakeholders protected:
- Understand your password philosophy and minimum requirements.
- Recognise the signs of phishing.
- Look for signs of suspicious behaviour on their laptops and other devices.
- Monitor for unusual sounds on devices, such as clicks and unexplained static.
- Although IT departments can provide technical assistance, employees should be encouraged to take an active and empowered role in watching videos, attending seminars, and attending awareness programmes set up by their organisations.
Thereafter, ensuring that you have adequate insurance is an important step in shielding your business from the impact of a cyber-attack.
Wild concludes, “Knowledge is power when it comes to matters of cyber security. Equip yourself as a business and protect and empower your people with the peace of mind that comes from cyber insurance.”