In today’s data driven world, malicious software infection, cyber extortion, identity theft and fraud are common and exposes individuals and organisations to liability lawsuits and high costs of remedying these. Technology has significantly changed the way financial institutions and service providers conduct their business. Most businesses collect as much personal information from clients as possible to develop tailor made products for customer needs, maintain market advantage and take opportunities brought about by new trends. However with these changes comes a huge risk of cyber crime.
Technological advancements meant for easy accessibility, convenience and improved service delivery brings with it loopholes that criminals always try to exploit. Cyber crime contributes to annual revenue loss through business interruptions and most cyber attacks are mainly for financial gain; people steal confidential information such as trade secrets and clients data and use it to their benefit.
Guy Carpenter & Company, LLC in their annual survey results cited cyber attack as the top emerging risks the largest threat for businesses in 2015. Cyber security is a major issue and companies should treat cyber risk management as a high priority area. Data mining is way more complex than just collecting information from clients, the big question should be how is this going to benefit our customers, the organisation and are we creating platforms which are user friendly and secure? Reports on the increasing rate of fraud, data breaches, account hacking and card cloning have made data management one of the most crucial tasks for organizations and fundamental institutions such as insurers need to address the risks emanating from technological developments.
Every business using computer networks is at risk and can be a victim to cybercrime, a fact which cannot be ignored. With the ever increasing risk and costs associated with cyber attacks, it’s important that businesses adopt and implement an internal risk management unit and cyber insurance to help manage the risks.
Even though this is still a relatively new risk to African markets, studies have shown the significant impact cyber attacks has on organisation, it is therefore imperative that companies engage with insurers to assess vulnerability, get an indepth understanding of the associated risks, potential loss areas and value of loss to ensure that the right insurance covers are in place.
BIC offers network security and privacy insurance for Legal services, IT services, Data Restoration, Reputational Protection, Notification Costs, Credit & ID Monitoring, Data Protection Investigations and Liability costs incurred in connection with breach of personal or corporate information, security failure or system failure, failure to notify a regulator of an actual or alleged breach of personal and corporate information. The Insurer will pay to or on behalf of the Company the reasonable and necessary fees and expenses incurred to engage Response advisors, IT specialists and Crisis Consultants.
As part of cyber risk management, companies need to engage insurers to evaluate risks to prevent and mitigate cyber risk by doing the following;
- Ensure secure, hard to crack codes for their systems.
- Have confidentiality clauses for employees
- Continuous re assessment of new technologies
- Compliance with employee password policies
(Source: Botswana Insurance Company)