​”There are 2 kinds of companies: Those who have been hacked and those who don’t know that they have been hacked!” John Chambers – Executive Chairman, Cisco. In view of the recent cyber attacks in South Africa, Mauritius and other countries in Southern Africa targeting Banks, Telcos and other large Public sector Institutions – the Security team at Anglo African has put together the following blog to introduce the concept of ​Cyber-Risk Management.

​Going on the assumption that 100% security does not exist, we have seen numerous cases of data breaches, zapping through​like lightning​,​ never know​ing​ when or where they will strike​ next​ or how much damage they will cause. ​​

Cyber​-Risk Management can help you mitigate these, but​as​ it’s not a substitute for implementing good data privacy and security practices.​ ​

That is why ​Anglo African has combine​d​ Managed Security Services in partnership with IBM​ [A Leader in Gartner Magic Quadrant, ​IBM maintains the largest threat and vulnerability database which allows it to provide reliable protection and guaranteed service level agreements] and cyber-risk insurance​ with a number of global insurance companies​, ​[specially to cover those risks that fall outside the Service Level Agreement​s​ which we ​​believe is the only solution that comes close to a 100% protection!

Today, there are a few specialised insurance providers for cyber insurance with policies that provide coverage choices operating in the Sub-Saharan African region. However, different companies are vulnerable to different risks meaning some organizations need more protection than others.​ ​Regardless of a company’s industry, size or location, an appropriate cyber insurance policy can always be found if the process is done with both comprehensiveness and attention to detail.

What does Cyber insurance policy caters for;

• Information security and privacy cover -​ ​The provision of standard coverage for damages resulting from the unauthorized disclosure or theft of confidential information.
• Data breach/privacy crisis management cover – A breach response services with forensic computer experts, expenses related to the management of an incident, the investigation, the remediation, data subject notification, call management, credit checking for data subjects, legal costs, court attendance and regulatory fines.
• Multimedia/Media liability cover -​ ​Third-party damages covered can include specific defacement of website and intellectual property rights infringement.
• Extortion liability cover – Typically, losses due to a threat of extortion, professional fees related to dealing with the extortion.
• Network security liability – Third-party damages as a result of denial of access, costs related to data on third-party suppliers and costs related to the theft of data on third-party systems.
• Business interruption- Covers loss income and related costs where a policy holder is unable to conduct business due to a cyber event or data loss.

Key takeaways for businesses as they explore this emerging area of coverage;

1. Companies should consult ​Cyber-Risk Management companies to help determine risk​,​
2. A comprehensive evaluation of cyber risk allows companies to match the scope of coverage with the appropriate products​ as ​one-size does not fit all when it comes to cyber insurance products​. Most of the global cyber-risk insurance companies that we deal with at Anglo African treats each company on a case by case basis, even if they are from the same industry, ​
3. Many cyber insurance policies require the use of the insurer’s “panel” of experts. Companies should be careful about giving up too much control over the selection of attorneys​ and​ forensics experts on the panel.

The Security team at Anglo African will be pleased to assist you in reviewing some or all of your processes that you currently have or the challenges that you might be facing. Please contact us on: contact@infosystems.mu or call us on +2302331636.

I