Cover insurtech conference march 2019

Cyber security, crime and exposure

At the end of March Cover Publications hosted their annual insurtech conference. A two-day conference which provides a platform for some of the leading insurtech companies in South Africa to share their learnings with the audience and for companies to discuss their thoughts on where they see the insurance landscape developing and changing over the next couple of years.

One of the talks that caught my attention was a talk by Elsa Jordan who is the Executive Head of Claims and Legal at CIB. The title of her talk was “Cyber crime, risks and exposure … the darker side”.

In recent years there has been a growth in the awareness of cyber risks and the impact which they may have. In 2018 there were a host of data breaches from the Liberty hack to Facebooks global data scandal, which exposed personal data and prompted businesses to invest significant resources into their cyber insurance cover.

Cyber security, liability and insurance are hot topics and highly relevant at the moment, but do we fully understand the risks that we exposed to? With an increased dependence on data, thanks to more smart devices being used and the growth in the internet of things (IOT), we runner a higher risk of being exposed to cybercrime and threats. In her talk, Elsa shared some examples of the cyber incidents listed below.

  • Hactivism
  • Spyware / malware
  • Social engineering
  • Denial of service attacks                                                        
  • Ransomware
  • Indiscriminate attacks
  • Destructive attacks
  • Corporate espionage
  • Misplacing information / devices
  • Incorrect recipient
  • Unencrypted data

Did you know that SA is one of the biggest victims of cyber crimes? I didn’t and while I was aware of some of the examples that Elsa listed, I was amazed to learn about the scale of the impact that cyber incidents have on a business. Added to this, on occasions there are fines that have to be paid by the company whose security systems had failed to safe guard them against cyber-attacks.

An example that Elsa highlighted was the Talk Talk data breach in 2015 were 156,959 accounts accessed and it is estimated that the total cost to the company is around £77 million.

In addition to the financial losses that companies can suffer from cyber incidents, there are other impacts that we be exposed to and have to deal with.

  • Regulatory impact
  • Adverse publicity
  • Loss of information
  • Reputational damage
  • Business interruption losses
  • Reconstruction / recovery costs
  • Liability

So, what exactly are the type of current cyber risks that we are exposed to and how should we evaluate these risks? Having listened to Elsa’s presentation, I realised that as businesses and individuals we need to be far more aware of the cyber space. The insurance cover needed to protect us against cyber incidents and risks needs to be regularly evaluated to ensure it is up to date.

Following Elsa’s presentation, I started thinking about the start-up and SME space in South Africa. Do they pay enough attention to the risks and cyber incidents that are happening around us?

To sum up, we can all be far more aware and educate ourselves to be aware of what is going on around us and the risks that we may be exposed to. It does also help though, if you have a good broker with an underwriter who can offer expert advice. If you would like to chat to Elsa further about cyber risks, please email me (joshua@cnandco.com) and I will connect you with the CIB team.