Growing demand for cyber crime insurance


Johannesburg - Taking out an insurance policy to protect a business from cyber breaches is an increasing trend in South Africa, according to an expert.

In the aftermath of a cyber breach, a business can be left hanging with costs such as restoring data, conducting forensic auditing, setting up external call centres, dealing with the loss of business income, employing a public relations consultancy as well as any notification expenses.

Fines associated with cyber breaches can also be astronomical. According to South Africa’s Protection of Personal Information (Popi) Act, custodians of breached data face a R10m fine or up to ten years in prison.

And policies exist in SA to cover these mishaps, says Candice Sutherland - a Business Development Consultant (Corporate Solutions) at SHA, Santam Specialist Underwriting Manager Agents (UMA).

"In 2014 we saw an increase of over 3000%, in just quote requests,” Sutherland told Fin24.

"So a lot of people are just doing an exploratory kind of look into how much this is going to cost to me, because they assume that the cost is going to be really, really high.

"And the reality is it's not,” said Sutherland.

Listen to Fin24 technology editor Gareth van Zyl interview Candice Sutherland:

SA's surging cyber crime

Cyber crime is a growing problem in South Africa as it cost local companies R5.8bn in 2014, according to anti-virus software firm McAfee.

Furthermore, on average it takes 200 days for a South African organisation to identify an online security breach while 84% of South African adults have been victims of cyber crime, according to insurance firm Santam.

Sutherland told Fin24 that cyber criminals are steps ahead of their victims.

These fraudsters can, for example, install software that lies dormant on a work computer and then it learns to bypass anti-virus measures on that device.

"And then when it launches itself, the antivirus doesn't pick it up, and there have been cases of people who have been breached for six years and still not even know about it,” Sutherland said.

Motivations for cyber breaches are numerous, but Sutherland said they fall into four broad categories.

"The number one cause of a breach is a disgruntled employee, number two is negligence, number three is competitors and only number four is hacking,” Sutherland said.

Sutherland said she knows of three companies offering cyber policies in SA and she advises businesses to start small in terms of cover.

"The best idea is to start off with a small limit now and at least you have something, so that if a breach happens,” Sutherland said.

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Brent Crude
All Share
Top 40
Financial 15
Industrial 25
Resource 10
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Please select an option Oops! Something went wrong, please try again later.
Yes, and I've gotten it.
23% - 135 votes
No, I did not.
50% - 290 votes
My landlord refused
26% - 151 votes