Breaches are escalating with increasing intensity, and with more sophisticated malware than ever before. All businesses and governments face this growing threat, and are looking for ways to protect their assets, both information and financial.
Moreover, while many businesses both large and small have taken measures to implement cyber security solutions, they face a growing problem, because as attackers become more sophisticated, they are using online distribution channels and other third-party partners to target their victims.
According to Sarel Lamprecht, MD of Phishield, the world’s first cyber insurance policy, this has driven a need for insurers and insurance brokers to raise awareness and promote their cyber insurance products and educate businesses as to what is covered in the event of a breach. “Of course, insurance is only one link in the security chain,” he adds.
“To manage risk properly, businesses need to have other measures in place, such as tools, procedures, policies and compliance. They need to remember that having insurance in place is not an ‘instead of’ security solutions, but rather an ‘in addition to’. It is a vital part of a company’s overall risk posture.”
While banks and other organisations that handle their customers’ most sensitive data are generally better equipped to assess cyber risks, and understand the potential fallout, most of SA’s businesses are not, he says. “The modelling of cyber risk has been tricky due to a dearth of available data, as well as a multitude of factors that are difficult to quantify.”
However, he says there are other approaches to valuing the risk of a breach including using stress and penetration testing. “Most cyber policies will offer direct loss and liability protection for risks that go hand-in-hand when utilising technology and data. Policies can also be expanded to include costs associated with business interruption or downtime. At an executive level, where regulatory and compliance concerns play a role, a wider understanding of cyber risk is needed, including the potential impact, and ways to mitigate it.”
Lamprecht says in South Africa, the adoption of POPI is forcing businesses to boost their cyber liability plans as they try to get a handle on the true impact a breach could have on their organisations. “Many businesses haven’t a clue that a security event has even occurred until months down the line. They also struggle to put a price tag on the damage a breach has caused – sums that can run into the millions. The costs come in many forms – from the forensic investigation, to downtime, to letting customers know and the resulting loss of confidence, third-party losses, as well as penalties and fines imposed by regulatory bodies.”
All businesses are vulnerable, he says, and SA is no different. “This digital era we live in has brought many benefits in terms of efficiencies, innovation and similar, but this comes with a whole new slew of risks and vulnerabilities. “Fraud happens more often than not in cyber space these days, and companies need to ensure their insurance will cover incidents of this nature.”
Moreover, he says businesses must ensure their risk management posture is top notch, and updated to handle growing scourge of breaches. “This should include introducing penetration and stress testing, as well as having a thorough recovery plan in place that unites all the different business units.”
- Insights on Data 7: POPI gets implemented; now to help Business comply | #eBizInsights | Jayson O’Reilly of Atvance Intellect| Podcast - July 1, 2020
- Covid-19 killed traditional disaster recovery | #eBizInsights - July 1, 2020
- The ‘new normal’ way to operate your business | #eBizWires - July 1, 2020
- NGO’s during the Pandemic; Hope at the Darkest of times| #eBizPayItForward|Nomthi Mnisi | Podcast - June 27, 2020
- The business of sports broadcasting – live sport is back! | #eBizWires| Andile Qokweni - June 27, 2020
- Digitalising customer engagement vital for retail insurance growth | #eBizInsights - June 27, 2020
- The role South Africans can play as active citizens |#Matalane Ngobeni |#Podcast - June 24, 2020
- Insights on Data 6:How Hacks occur; a fast, ever-evolving landscape | #eBizInsights| Jayson O’Reilly of Atvance Intellect| Podcast - June 23, 2020
- Being an ”Essential Service” during Lockdown, Vox’s experience | #eBizInsights | Jacques du Toit of Vox| Podcast - June 18, 2020
- Covid-19 provides construction industry with opportunity for change | #eBizInsight - June 18, 2020