Cyber crime in SA
South Africa has not been immune to the risk of cyber crime: it is estimated that in 2014, cyber crime cost South African companies around R5.8 billion.
Furthermore, on average it takes 200 days for a South African organisation to identify an online security breach. Likewise, individuals have also been impacted: eighty four per cent of South African adults have been victims of cyber crime.
“Criminal activity including hacking has been on the rise in South Africa and internationally and these range from Distributed Denial of Service attacks to the hacking of social media accounts. These attacks can have devastating effects on society, and businesses and individuals need to protect themselves against the consequences of cyber crime with comprehensive cover,” says Candice Sutherland, Business Development Consultant (Corporate Solutions) at SHA, Santam specialist underwriting manager agents (UMA)
To protect a company from these risks, a good cyber-insurance policy needs to cover first party expenses, taking into account the actual costs of re-collecting and replacing data, as well as the expenses related to employee overtime, rented external equipment and services.
Additionally, the policy has to cover loss of business income, the notification expenses incurred to comply with privacy legislation, any crisis management expenses and possibly regulatory fines and penalties.
The risks individuals and companies are exposed to include the following:
• system unavailability and downtime;
• business being held to ransom;
• loss of revenue;
• loss of data;
• reputational damage and costs associated with reducing the impact of a breach;
• loss of competitive advantage;
• industry and regulatory fines and penalties; and
• litigation arising from compromised data.
Santam specialist underwriting manager agents (UMA) SHA offer the following cover:
Data recovery and business interruption: provides coverage to respond to a loss of income and operating expenses experienced due to a network security breach.
This will cover the expenses of specialists, investigators, digital forensic auditors, or loss adjusters as well as cover the cost of restoring or recovering data and operations, or costs incurred until it is established that data cannot be recovered or restored.
Crisis management & notification expenses: provides coverage for costs of responding to a security failure or privacy breach. These response costs could include notification expenses, the cost of providing credit-monitoring or other remediation services to customers or impacted third parties as well as service providers that specialise in crisis management and public relations.
This would include coverage for third party claims due to the failure of the insured’s network security or the insured’s failure to prevent unauthorised access to personal information.
Associated regulatory fines and penalties to the extent insurable by law could also be covered.
Sutherland concludes, “Organisations that have experienced breaches of data security can testify that cyber crime relates to more than just the loss infrastructural capacity. This is a real criminal activity which can lead to extortion, fraud and forgery as well as impact the sustainability of a business. If cyber security is properly managed with the right insurance cover, businesses and individuals can be safe out there.”
For more information contact Margot Gutteridge on 021 469 1572 | 084 296 2689 or firstname.lastname@example.org
About Santam, Insurance Good and Proper
Santam is South Africa’s leading short-term insurance group with a market share in excess of 22%, over 4000 staff members and 4500 broker partners nationwide, and MiWay as a direct insurer. The company insures most of the Top 100 companies listed on the JSE.
Santam’s competitive advantage is entrenched over 95 years of offerings its clients a wide range of short-term insurance products that have been scientifically modelled to suit their needs as well as having the highest claims efficiency in the industry. The company is recognized by its peers as having the most technically competent staff.