With the global costs of cybercrime expected to soar to $13 trillion within the next five years, cyber insurance is booming as organisations try to mitigate the risk of financial losses. Globally, the cyber insurance market is now worth around $17 billion and is expected to grow by over 26% a year to top $84.62 billion by 2030.
“Spiking rates of cybercrime and ever higher ransom demands have increased the risks of insurers having to make massive pay-outs,” notes Tony Walt, co-founder and Director of Cyber Security Software House Port443.
“As a result, insurers have become more stringent about the minimum security related requirements, and cyber insurance premiums are increasing. In the US alone, premiums rose by over 120% between 2020 and 2022,” he says. “Rising premiums simply add to the burden of organisations already grappling with economic headwinds and increasing risk. The good news is that many insurers now offer discounts on insurance premiums to customers who take steps to reduce their cyber risk and improve their security posture.”
Walt says local insurers reduce premiums for customers adopting these cybersecurity best practices:
1. Keep security controls up to date: ‘Set-and-forget’ is not enough to stay ahead of cyber risk. Organisations should maintain visibility and control across their security environment and should use automation to ensure controls are regularly validated, patched and updated.
2. Use encryption and Wi-Fi Protected Access (WPA): Encryption and secured access reduce the risk of data exposure or loss and strengthens compliance with legislation such as PoPIA. This, in turn, reduces your risk of having to pay a ransom, incurring penalties, or being targeted in lawsuits.
3. Use multi-factor authentication: “Multi-factor authentication goes a long way in addressing the ongoing challenge of weak or vulnerable passwords and ensures that only authorised users can access your network. This greatly reduces your exposure, so insurers feel comfortable reducing your premiums,” says Walt.
4. Have secure backups: Secure, regular and trusted backups of critical data is crucial to build business resilience and support continuity. “To insurers, this means you are at a lower risk of claiming for lost production or business hours in the event of a cyberattack, given the ability to recover as a result of these backups.”
5. Have clear security policies, incident response processes and implement training and awareness programmes: Humans are the weakest link in cyber defence, with human error accounting for the bulk of cyber breaches. Clear and up-to-date cyber security policies and incident response plans must be drafted, implemented, tested and made readily available to all staff, and ongoing training and awareness programmes must be implemented. This could significantly reduce your risk profile and reduce your risk for cyber insurers.
Walt concludes, “Reducing your premiums is just one way to address the costs of cyber risk. The biggest costs associated with cybercrime are the losses suffered in ransoms, downtime, fines, legal costs and reputational damage. Applying cyber security best practices could help organisations avoid those costs altogether.”
Examples of discounts on premiums:
https://www.discovery.co.za/assets/discoverycoza/business-insurance/cyber-cover.pdf
https://www.santam.co.za/blog/business-advice/cyber-security-for-your-business/
https://satib.co.za/working-home-cyber-insurance-now-must/
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version