With 88% of South African organisations experiencing security breaches last year, cybercrime poses an unprecedented threat to businesses. File picture: IOL
South Africa is a growing cybercrime hotspot on the African continent, with attacks on businesses becoming more common as well as increasingly sophisticated. Karen Rimmer, head of distribution at PSG Insure, highlights that the consequences of cybercrime can be devastating, leading to severe financial loss, reputational damage, operational disruption, and potential legal liabilities – for businesses of any size. “As digital reliance grows, so does the urgency for businesses to protect their systems and data against these evolving threats,” says Rimmer.
In a recent survey by the Council for Scientific and Industrial Research, 88% of South African organisations admitted to suffering at least one security breach in the past year, with 47% reportedly experiencing up to five cybersecurity incidents.
“Business email compromise is becoming one of the biggest threats, with cybercriminals intercepting emails to redirect payments to fraudulent accounts. This growing trend highlights the need for improved cyber vigilance, but also - the right type and level of insurance to safeguard businesses from financial losses,” says Rimmer. “Having the correct cyber cover in place can help mitigate the damage, ensuring businesses can recover swiftly and minimise long-term impact.”
Why is cyber insurance so specialised?
Furthermore, Rimmer emphasises that despite becoming increasingly common, cyber insurance remains highly specialised, with policies tailored to the digital risks of each business. This means an insurer will require an in-depth understanding of the business’s digital setup to address unique vulnerabilities and safeguard against any potential risks.
However, Rimmer adds that claims can still be repudiated if policies aren’t carefully reviewed and maintained. Common reasons for rejected claims include:
· Inadequate security protocols;
· Failure to update the policy with evolving business operations, or
· Non-compliance with policy requirements.
“Working alongside an insurance adviser will ensure that businesses not only secure the right cover but also fully understand the requirements and limitations of their policies,” Rimmer says.
Key types of cyber cover available
Rimmer says the comprehensive cyber insurance can cover various types of incidents, such as:
Data breaches: Protecting sensitive information from exposure or theft covering costs related to notifying affected parties and managing reputational impact.
Ransomware attacks: Covering the costs associated with restoring data and systems, and in some cases, assisting with ransom payments.
· Business interruption: Compensating for lost income and increased cost of working.
“Given the complexities, insurance advisers play an important role in helping businesses choose the right policy features. They can also assist in determining the level of cover required, which will ensure businesses don’t end up overpaying in premiums without compromising on cover,” she says.
Five strategies to mitigate cyber risk
Rimmer stresses that “while insurance is essential, proactive cyber risk management is equally critical”. She adds that the following five strategies can help to help prevent incidents of cybercrime:
“As cyber threats continue to evolve with the advent of new technologies, a multi-layered defence is required. Combining comprehensive cyber insurance with proactive cybersecurity can help businesses to reduce the risk of significant financial and reputational damage,” Rimmer says.
PERSONAL FINANCE