Matthew Garrun, Director, Garrun Group Insurance Brokers
A Tuesday. It’s a day that all South Africans will recall vividly, and feel the consequences of for many years to come.
In response to the Covid-19 pandemic, President Cyril Ramaphosa issued a 21-day national lockdown that legally requires South Africans not working in essential services to stay put in their homes, unless to buy food and medicine, or to seek medical attention and collect grants.
Business owners immediately faced a deluge of hurdles. Slashed income, crippling overheads, and having to emigrate entire operations teams to online working platforms so their employees can work from home.
And here’s the kicker. While we are all trying to anticipate, adapt and plan for what comes next, the issues and risks that were present before the first Covid-19 patient was diagnosed, continue to persist. Many risks have been elevated by the overwhelming uncertainty caused by the pandemic.
A few weeks after European nations announced lockdown measures, and a week after Ramaphosa’s announcement, The World Economic Forum (WEF) warned against opportunistic cybercriminals seeking to “exploit our thirst for information as a vector for attack”. Attackers are using Covid-19-themed phishing emails with links that download Remote Administration Tools on users’ devices.
Cybersecurity services provider Kaspersky warned of a massive spike in network attacks during 15-21 March, the week that schools and businesses were required to move operations to a home working environment. According to these statistics, affected devices increased from 20 000-30 000 to about 310 000 in the period.
“The region is seeing an increase in attempts to break into the organisations systems to establish control over them, sabotage their work, or access sensitive information,” said Maher Yamout, Senior Security Researcher for the Global Research and Analysis Team at Kaspersky.
According to the Official Cybercrime Report, published by Cybersecurity Ventures, cybercrime will globally cost $6 trillion annually by 2021, up from $3 trillion in 2015.
Thousands of previously office-bound South African employees are currently working from home. There is a concern that many companies sent their workforces home without the right technologies or corporate security policies in place. While the threat of cybercrime seems like the last thing on anyone’s radar at the moment, cybersecurity should be a very real concern for business owners and brokers.
South Africa currently sits at number six in the world on the Cyber Exposure Index for exposure to cybercrime. The need for the South African broker market to grasp the importance of cybersecurity and cyber insurance has been highlighted by the added volatility of Covid-19 and its implications for businesses and individuals.
The underregulated, and under-resourced, cyber environment in South Africa has always been a haven for cybercriminals, but with cybersecurity measures currently on the backburner as companies focus elsewhere, the doors are wide open.
Brokers must understand and communicate to their clients that cyber insurance is a vital final layer of defence in protecting a company and one of its most precious commodities: company and client data. A data breach now can prove fatal to a business of any size.
Underwriting in the dark
The proliferation of cyberthreats poses a significant challenge to the global insurance industry. The ever-changing risks associated with cybercrime can’t be compared to the more stable and linear threats of conventional insurance lines like building or motor insurance.
Moreover, conventional insurance has established pricing guides with an inherent accumulative risk, which is relatively predictable and measurable. With cyber risk policies, insurers and reinsurers are often left in the dark following the initial underwriting, due to the ever-changing nature of cyber risks.
A broker is best-suited to assist clients – particularly SMEs – in consistently managing and mitigating risks during the renewal period, rather than merely transferring the risk to an insurer. It is the broker’s responsibility to become a holistic risk advisor and to focus on the insurance elements of clients’ cyber needs.
By providing insights to insurers and assisting clients in developing a cyber resilience plan, which includes a cyber insurance policy, the relevant buffers can be introduced. This will protect clients from the devastating and sometimes irreversible impact of a cyberattack.
It may prove costly
Traditional cybersecurity services don’t come cheap. SME businesses often can’t afford cybersecurity firms to perform risk assessments and implement security software. SMEs are left with their IT technicians for security expertise, which can be found wanting.
SMEs also often opt for less cybersecurity protection, mistakenly thinking that cybercriminals rather target large corporations than smaller companies. However, criminals use programs to scan the web and identify companies with specific security weaknesses, as noted in a Chubb report, What Cyber Criminals Know.
Brokers are pivotal in providing specialist advice to their clients about the risks insured in a cyber risk policy. This includes direction on how to implement appropriate endpoint detection software, password management policies, cyber awareness training platforms, patch management, and many other affordable methods to improve a company’s cyber resilience.
As cybercrime evolves, so too does the role of the broker. We have seen how cybercriminals have been quick to pounce on cybersecurity weaknesses exposed by the pandemic. Mitigating this risk, and the greater risk of Covid-19, will require a proactive approach.
We must do all we can to understand each company’s unique cyber risks, especially now. The pandemic has forced companies to adapt almost overnight, and we as brokers must do all in our power to anticipate and mitigate the associated risks wherever possible.
The challenge is enormous and important, and the risk of not acting carries a great price.