Online security threats drive increase for cyber insurance
CYBER insurance is a fast growing market as the rise in cyber crime leaves companies more vulnerable to online security threats.
SA is among the countries where demand for cyber cover is growing fast, according to a report by global insurer Marsh which looked at the insurance market in Europe, the Middle East and Africa for last year.
Santam and Mutual & Federal through Carmague, a specialist liability underwriting manager agency, are among local short-term insurers who have introduced cyber insurance in response to SA’s growing demand.
Alexander Forbes is exploring options for cyber insurance, said MD Gari Dombo yesterday.
“We are talking to a specialist in cyber insurance to support increasing demand and anticipated demand from our clients particularly with the advent of new legislation like the Protection of Personal Information Act.”
Commenting on SA, Marsh said: “Demand for cyber insurance is increasing, and rates and terms are becoming more favourable as new insurers enter this market.”
Cyber crime is estimated to cost South African companies more than R5.8bn a year, according to a report by McAfee on behalf of the Center for Strategic and International Studies. On average it takes 200 days for a South African com- pany to identify an online security breach while 84% of South African adults have been victims of cyber crime, said Santam.
“These attacks can have devastating effects on society, and businesses and individuals need to protect themselves against the consequences of cyber crime with comprehensive cover,” said Simon Colman, underwriting executive with SHA, Santam specialist underwriting manager agents.
Mr Dhombo said cyber insurance is specialised, and differs from policies that insure only physical damage. “With a number of operations the most important asset is no longer the physical assets but rather data which has become more valuable — depending on your business operation — than physical assets,” he said.
On the weekend, Russian com- puter security firm Kaspersky Lab said an organised gang of cyber criminals had stolen about $1bn from global financial institutions since 2013. It targeted senior bank employees, using e-mail messages to trick them into opening files containing malicious software.
Bernard Hotz, Werksmans head of business crime and forensics practice, has seen a rising number of cyber attacks on his clients. He is concerned that so few firms are protected against cyber attacks, leaving them vulnerable to abuse by criminals and even terrorists.
He gave, as an example, an East European syndicate that hacked into a rival South African law firm’s database and took client information hostage last month in return for a ransom.
“If one looks at the recent example of the breach announced by health insurer Anthem where personal information of up to 80million customer records was exposed this has brought more attention to data security records than before,” Mr Dhombo said.
Mr Colman said a good cyberinsurance policy needs to cover first party expenses, taking into account the costs of recollecting and replacing data, and the expenses related to employee overtime, rented external equipment and services.
It also has to cover loss of business income, the expenses incurred in complying with privacy laws, crisis management expenses and regulatory fines and penalties.