printer friendly version

South African organisations enhance cyber resilience with strategic cyber insurance

Pieter Nel.

Sophos has released the findings of a new study that highlighted the increasing integration of cyber insurance into the risk management strategies of South African organisations.

The research, which surveyed 311 IT and cybersecurity professionals in South Africa whose organisations have some form of cyber coverage, identifies a proactive shift towards enhancing cyber defences as a key to optimising insurance outcomes.

“Cyber insurance is no longer just an optional extra; it's a critical component of comprehensive risk management strategies, providing a financial safety net and helping to mitigate the impacts of cyber incidents,” said Pieter Nel, Regional Head – SADC at Sophos.

“Our findings show a strong correlation between the quality of organisations’ cyber defences and their ability to secure favourable insurance terms. A significant 98% of respondents improved their cyber defences to better their insurance positions, with 74% achieving coverage they wouldn't have otherwise obtained.”

The study, conducted in January and February 2024, reveals that 53% of organisations were driven to adopt cyber insurance due to their understanding of the business impacts of cybercrime. Additionally, 45% sought coverage following direct experiences with cyberattacks, underlining the persistent threats that businesses encounter.

Key findings include:

• 72% of organisations made major investments in cyber defences to optimise their insurance standing.

• 74% claimed these investments enabled them to secure coverage.

• 68% reported obtaining more cost-effective coverage due to their enhanced defences.

• 45% achieved better policy terms, such as improved coverage limits and conditions.

In positive news, all respondents whose organisation had made a claim on their policy said the insurer had contributed to costs, with 59% of the total incident bill covered, on average. Illustrating that coverage levels are not keeping pace with the increase in remediation costs, the most common reason cited for the insurer not covering the full bill is that total costs exceeded the policy limit.

“The evolution of the cyber insurance market and the growing sophistication of cyber threats necessitate a robust and proactive approach. Organisations must view cyber insurance as part of a broader cyber resilience strategy, not only for financial protection, but as an incentive to maintain and improve cyber defences,” Nel added.

This strategic emphasis on cyber insurance is set to play a pivotal role in enabling South African businesses to navigate the complexities of the digital age, safeguarding their operations and fostering a resilient digital economy.

Find out more at www.sophos.com.

Share this article:

Further reading: