Cyber-crime is not new, nor is it fussy. Any company or organization, no matter how big or small, can become a victim of a cyber-attack. And, cyber-crime is everywhere. In fact, cyber-crime is the fourth most reported crime in South Africa. Take a minute and reread that last sentence. Cyber-crime is the fourth most reported crime in South Africa. It is defined as any criminal activity involving a computer or network and can target any one of South Africa’s almost 30 million internet users at any one time. In a growing economy such as South Africa’s, most companies and organizations rely on IT systems to store employees or client information, and sadly they are all exposed as a result.
Examples of cyber-crime abound. Hackers accessing networks to steal client information, stolen laptops containing sensitive (or proprietary) information, or disgruntled developers who disable systems after resignations or terminations of service, are just some. Insidious DDoS attacks (distributed denial-of-service attacks) are another. This is where a victim is flooded with incoming traffic that makes it impossible to stop by blocking a single source. These types of attacks can be particularly damaging to businesses in the travel and leisure sector. Although there are many different types of cyber-attacks, they have some important similarities: they are extremely damaging to businesses or organizations (financially and reputationally), they are difficult to manage, and they may be expensive and complicated to fix.
These issues should keep business owners and IT managers awake at night but, worryingly, many believe they are either adequately protected, that they have enough resources to ‘quickly’ repair any damage, or that they are too small to be targeted. In many instances, these beliefs are proven wrong, often at great expense and organizational turmoil. For this reason, proper insurance is essential to cover the costs and damages of a cyber-crime, a previously uninsurable risk. SATIB Insurance Brokers Brokers, have partnered with iToo and can now offer you an insurance product specifically to mitigate the risks of cyber-crimes. This insurance covers issues such as cyber extortion, DDoS attacks, hacking, insider or privileged abuse of information, malware (such as virus or ransomware attacks), and physical theft or loss of IT equipment.
But what exactly are you insured for? The insurance will – amongst others – cover governmental or regulatory fines imposed on companies following an attack (which may be significant depending on the level of the breach), provide cover against loss of income and the increased cost of doing business as a result of an attack, and cover the costs to investigate and mitigate a cyber-extortion threat. Restoring lost data may also be expensive (and time consuming) and the insurance will cover the costs to restore, recollect or replace this information.
This first party cover aims to assist companies get back on their virtual feet. Importantly, however, there is another element to consider. Third parties may also be affected by cyber-crime, and the insurance will cover the defense, and settlement of liability claims that cause personal harm and incidents causing harm to third party systems. Claims resulting from leaked information because of an attack such as defamation, unintentional copyright infringement, or the unintentional breach of the right to privacy, are also covered.
The maximum amount of cover through the insurance is R150m, with a minimum R15000 deductible.
Given that information technology is the bedrock of how many companies do business, not securing this vital aspect of your business is risky and irresponsible. With the assistance of the leaders in the insurance market in South Africa this risk is mitigated and properly managed by a team of experts on hand to provide the quickest and most effective solutions. The incident response panel comprises highly skilled and experienced incident response providers who are accessible 24/7 through an incident response hotline. These experts will assess the level of the incident and determine its cause. They will rate the extent of the damage and the nature and volume of the compromised data. They will also immediately begin repairing the damage and provide guidance on how to prevent further infiltration.
Apart from communications costs to notify all affected parties of what has happened, public relations experts will manage any reputational fallout from the event. All of this, naturally, must be managed on a high-level and the insurance will also cover the costs of the incident response management.
For more information on the insurance offered contact stacey@satib.co.za
