Last month’s hack at one of SA’s largest insurers has been a wakeup call for many local businesses that have maintained a fairly relaxed approach to cybersecurity. As the biggest SA breach to date, it dominated the headlines, but the reality is that cyber security issues have been creeping up on us for some time, with an increasing number of businesses having been victims of “ransomware” attacks.
“It’s crucial for advisers to understand cyber risks, and how to insure against them,” said Bertus Visser, Chief Executive of Distribution at PSG Insure. “This is often easier said than done, however, as they are very different to traditional business risks, and the nature of cybercrime is continually evolving.”
“Cyber risks are often intangible and difficult to quantify, as the value of a loss depends on things like the nature and volume of the data compromised and the damages that have resulted,” said Visser. These could include:
- Loss of revenue
- Loss of intellectual capital
- Loss of competitive advantage
- Reputational damage
- Litigation from clients and third parties affected by the compromised systems or data
“These risks can lead to a host of costs for a company, such as the costs of IT specialists to contain the problem, or a forensic investigation to ascertain how the leak occurred,” said Visser. There could also be legal costs and the cost of public relations specialists to limit reputational damage.