Thought Leadership on Cyber Insurance

Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes.

As if the pandemic in itself wasn't devastating enough, hackers leveraged the opportunity to attack vulnerable networks as office work moved to personal modes.

According to statistics, only 51% of organizations in Nigeria are confident in their team’s security ability to act and 71% have reported an increase in data breach threats since the pandemic outbreak with financial institutions bearing the brunt of each attack.

In a bid to create awareness on this and educate business owners to safely mitigate these risks, Allianz Nigeria on the 6th of August 2020, featured four industry experts in an interactive webinar titled ‘The Ever Increasing Impact of Cyber Attacks: A case for Cyber Insurance’ .

It was revealed that 71% of security professionals had reported an increase in security threats or attacks since the start of the virus as Cyber risk trends likely to affect organizations are; Phishing (55%), malicious websites (32%), malware (28%) and ransomware (19%).

Among other highlights from the speakers was the need for organisations to focus not only on cyber security but more on cyber resilience. This entails a fusion of information security and business continuity strategies. In other words, cyber resilience is the ability of an organisation to  withstand attacks or failures and in such instance re-establish itself quickly back to operational mode.

To achieve this, a seven fold approach which includes being strategic, building capacity, strengthening the process, automate inform and transform, measure and monitor, cyber insurance and collaboration was recommended.

In an era of unprecedented security risks, companies should determine more pragmatically how they intend to curb these risks and build capacity termed as "human fire wall".  Organisations should create awareness internally, train and educate staff members as a way to minimize the ability of intruders to compromise their information security.

Organisations also need to strengthen their cyber security posture across all levels. Every layer of access down to the seemingly unnecessary layer should be tightened as a way to discourage attackers.

In another related remark, there is a need for conducting regular analysis so as to determine the level of exposure and strengths. Cyber-attacks as it stands is dynamic and companies stand a risk of being vulnerable either accidentally or deliberately through its people, processes or the type of technology adopted.

Speaking intricately on how to mitigate the risk of cyber-attacks, Santho Mohapeloa; Senior Cyber and Liability Underwriter at Allianz Global & Corporate Specialty, South Africa emphasized the need for insurance and the importance of complying with Cyber Best Practices in preventing and mitigating cyber losses. Santho then went on to discuss the nature of cyber insurance coverage provided by Allianz for Africa under the headings First party (i.e. claims made by the insured), Third party cover (claims against the insured by a third party) and Enforcement body cover (claims against the insured by a regulatory body)

Commenting further on this, Aima Higo, Unit Head Reinsurance at Allianz Nigeria Insurance Plc. Said, ‘’In a connected world, we all have a responsibility to protect ourselves and the people we interact with and it all starts with understanding cyber security. Although, there is no 100% security in the cyber domain, dangers can only be reduced to an acceptable level by implementing a set of actions and by getting cyber insurance’’.

Organizations especially financial institutions, in times like this, have to learn cyber resilience, examine how quickly they can bounce back into operational mode post cyber-attack, and more importantly to transfer risks, as insurance is best to help mitigate the losses that may emanate from cyber risks.

Cyber-attacks will continue to grow over the years and a weak or vulnerable area in an operational entity is all that is needed to suffer damaging exposure to data privacy and information.

Organizational cultures therefore need to reinforce the need for a cyber-security management system and incorporate cyber insurance as a cardinal part of their strategic objectives whether or not the end of the pandemic is in sight.