”There are 2 kinds of companies: Those who have been hacked and those who don’t know that they have been hacked!” John Chambers – Executive Chairman, Cisco. In view of the recent cyber attacks in South Africa, Mauritius and other countries in Southern Africa targeting Banks, Telcos and other large Public sector Institutions – the Security team at Anglo African has put together the following blog to introduce the concept of Cyber-Risk Management.
Going on the assumption that 100% security does not exist, we have seen numerous cases of data breaches, zapping throughlike lightning, never knowing when or where they will strike next or how much damage they will cause.
Cyber-Risk Management can help you mitigate these, butas it’s not a substitute for implementing good data privacy and security practices.
That is why Anglo African has combined Managed Security Services in partnership with IBM [A Leader in Gartner Magic Quadrant, IBM maintains the largest threat and vulnerability database which allows it to provide reliable protection and guaranteed service level agreements] and cyber-risk insurance with a number of global insurance companies, [specially to cover those risks that fall outside the Service Level Agreements which we believe is the only solution that comes close to a 100% protection!
Today, there are a few specialised insurance providers for cyber insurance with policies that provide coverage choices operating in the Sub-Saharan African region. However, different companies are vulnerable to different risks meaning some organizations need more protection than others. Regardless of a company’s industry, size or location, an appropriate cyber insurance policy can always be found if the process is done with both comprehensiveness and attention to detail.
What does Cyber insurance policy caters for;
- Information security and privacy cover - The provision of standard coverage for damages resulting from the unauthorized disclosure or theft of confidential information.
- Data breach/privacy crisis management cover – A breach response services with forensic computer experts, expenses related to the management of an incident, the investigation, the remediation, data subject notification, call management, credit checking for data subjects, legal costs, court attendance and regulatory fines.
- Multimedia/Media liability cover - Third-party damages covered can include specific defacement of website and intellectual property rights infringement.
- Extortion liability cover – Typically, losses due to a threat of extortion, professional fees related to dealing with the extortion.
- Network security liability – Third-party damages as a result of denial of access, costs related to data on third-party suppliers and costs related to the theft of data on third-party systems.
- Business interruption- Covers loss income and related costs where a policy holder is unable to conduct business due to a cyber event or data loss.
Key takeaways for businesses as they explore this emerging area of coverage;
- Companies should consult Cyber-Risk Management companies to help determine risk,
- A comprehensive evaluation of cyber risk allows companies to match the scope of coverage with the appropriate products as one-size does not fit all when it comes to cyber insurance products. Most of the global cyber-risk insurance companies that we deal with at Anglo African treats each company on a case by case basis, even if they are from the same industry,
- Many cyber insurance policies require the use of the insurer’s “panel” of experts. Companies should be careful about giving up too much control over the selection of attorneys and forensics experts on the panel.
The Security team at Anglo African will be pleased to assist you in reviewing some or all of your processes that you currently have or the challenges that you might be facing. Please contact us on: email@example.com or call us on +2302331636.