Cyber Insurance? No Thanks, I Have Backups
A 2024 report by ITWeb shows that South Africa ranks 64th in Check Point Software Technologies' Global Threat Index. Around 50% of South African businesses have faced up to four cyber-attacks in the past year, even those with strong cybersecurity in place. The question is no longer "if" but "when" a cyber breach will happen.
When we, at AIB Cape, discuss cyber risks with small and medium enterprises (SMEs), we often hear, "We have backups" or" Our IT guy handles security" from our clients. However, 49% of breaches in 2024 have involved data spread across public clouds, private clouds, and on-premises systems. Having backups is important, but it's not enough.
On the other hand, individuals often think they are not targets for cyber-attacks or data breaches. This is far from the truth. Our daily activities - social media, email, online shopping, and banking - are all vulnerable to cyber threats
What is Cybercrime?
Cybercrime can take many forms, including:
- Email and internet fraud.
- Identity Fraud
- Theft of financial or payment card data.
- Stealing and selling corporate data.
- Cyberextortion (demanding money to prevent an attack).
- Ransomware attacks (a type of cyberextortion).
- Cryptojacking (using stolen resources to mine cryptocurrency).
These crimes are usually carried out by cybercriminals using viruses or other types of malware
How Companies and Individuals Can Protect Themselves
Cybercriminals are using more advanced techniques, and new threats emerge daily. However, following these best practices can help prevent attacks:
- Use HTTPS websites: Always check for a padlock symbol in the URL bar. It means the website connection is secure and encrypted, protecting you from hackers.
- Keep software and devices updated: Updates help protect against new cyber threats. Don’t ignore update notifications.
- Implement a firewall: A firewall is your first line of defense. It filters out harmful traffic and protects your network.
- Regularly back up your data: Follow the 3-2-1 rule—keep three copies of your data in different locations. This protects you if ransomware locks you out of your files.
- Monitor for threats: Scan your system daily for malware and vulnerabilities to catch security issues early.
- Invest in email authentication: Email authentication adds another layer of security to prevent cyberattacks.
- Avoid pop-ups: Don’t click on pop-up ads, even if they look safe. They can contain malware or redirect you to dangerous sites.
- Use strong passwords: Create unique, hard-to-guess passwords for each account. Enable two-factor authentication whenever possible.
- Be careful with email: Don’t open attachments or click on links from unknown senders. They could contain malware.
- Avoid risky websites: Stick to trustworthy websites, especially when downloading files.
If All Else Fails… Insurance
There are insurance products available for both businesses and individuals. Since the Protection of Personal Information Act (POPIA) was introduced, companies must discuss cybersecurity in board meetings to comply with the law. This means they must:
- Identify internal and external risks to personal information.
- Set up and maintain safeguards against those risks.
- Regularly check that the safeguards are working.
- Update safeguards as new risks emerge or weaknesses are found.
A cyber insurance policy can help companies cover regulatory fines, business interruptions, data restoration, theft, and third-party losses.
For individuals, cyber insurance can cover theft of funds, identity theft, cyber extortion, cyberbullying, and express kidnapping for the entire family.
Talk to AIB Cape to explore the best options for your needs