Cyber Insurance – A Must-Have For Businesses In Africa
By Jonathan Marucha
Cybercrime is on the rise in Africa. In recent years, there have been a few notable attacks in Africa.
In October 2022, a group of hackers stole the credit card information of Kenyan customers of a local bank. The information was then used to make fraudulent purchases.
In July 2022, a group of hackers claimed to have stolen the personal information of over 1 million Ethiopians from the National ID Authority. The information included names, addresses, and identification numbers.
In 2021, the South African Reserve Bank was attacked leading to loss of sensitive financial data. These examples highlight a clear manifestation of cybercrime and the level of risk potential in Africa.
According to a report by the Africa Cyber Security Centre, there were over 10 million cyber-attacks recorded in Africa in 2021 compared to previous years. This number is quite significant compared to the previous number of attacks in the region.
In 2022, the Check Point Research report pointed out that Africa was the most cyber-attacked continent with an average of 1,848 attacks per week targeting an organization in the continent compared to 1,164 globally.
Separately, in its March 2023 report, the Africa Cybercrime Operations Desk of Interpol had identified email compromise, phishing, ransomware attacks, banking trojans and stealers, cyber extortion, online scams, crimeware-as-a-service as emerging prominent cyber threats to businesses.
Despite clear indications that cybercrime is on the rise in Africa, there is still a slow uptake of cyber insurance compared to Europe and other parts of the world. A recent report by Marsh Africa indicates that only 10% of businesses in Africa have cyber insurance in comparison to 30% of businesses in Europe and 40% in the United States.
There are several reasons why businesses in Africa are slow to adopt cyber insurance. One of the major reasons is majority of businesses are not aware of their level of exposure to cyber risks.
Others, perceive cyber insurance premiums to be either too expensive or an unnecessary expense, especially small business. The limited availability of coverage is also another barrier as not all insurers have the necessary re-insurance treaties to offer cyber insurance in Africa, and those that do may not offer the same level of coverage as insurers in other parts of the world.
The requirements and the process of acquiring cyber insurance can also be lengthy and complicated. Although there has also been weak enforcement of cyber laws among African nations there is now a deliberate focus by governments to improve regulations and compliance requirements as one of the primary factors to support cyber security due to eminent vulnerability.
Businesses in Africa need to take more steps to protect themselves from cybercrime. Due to the growing use of technology, businesses need to continuously train their employees on cybersecurity best practices including multi-layered access verification to the various official systems and applications.
Now that many employers are allowing employees to work remotely, it has become a priority for high levels of alertness and vigilance for businesses. It is also important to have a Cyber Incident Response Plan in place under the Disaster Preparedness and Business Continuity Plan.
Cyber insurance has helped businesses recover from financial loss, disruptions and reputational damage caused by cyber-attacks. Insurance companies and businesses can work together to raise awareness on the importance of cyber insurance while making it easier to acquire this coverage. This could involve simplifying the application process and offering more affordable policies.
A company that is not protected by cyber insurance is likely to face several risks. This would include the theft of sensitive data, such as customer information or financial data which may lead the company to be liable for financial losses caused by fines, settlements, and lost business.
A cyber-attack is likely to lead to serious reputational damage especially where sensitive data is stolen, or its systems are disrupted. As a result, attracting new or more customers or strategic partners becomes difficult.
The level of business disruption caused by a successful cyber-attack cannot be underestimated. Business operations get grounded thereby disrupting systems if they are taken offline or data is corrupted. The revenue and organizational productivity loss can be immense. Lawsuits can be costly because of legal liability resulting from theft of customer data.
Risk exposure varies from one business to another. Some are more prone to cyber-attacks than others. Those that heavily rely on technology to offer financial services, telecommunications solutions, healthcare services, government services and huge data centers are more likely to be attacked than any other businesses.
These are attractive targets for cybercriminals because they have sensitive data that can be stolen or held for ransom. They are also perceived to have the financial resources and the ability to pay high ransom demands.
Some of these organizations try to protect themselves by implementing security measures such as firewalls and antivirus software with regular data backups. Because of the level of awareness in this organisation on the potential number of losses incurred upon a cyber-attack their risk mitigation includes, taking up of important cyber insurance.
In conclusion, cyber-attacks are becoming increasingly common and sophisticated, and they can have a devastating impact on businesses. A cyber insurance policy can help cushion businesses by providing coverage for the cost of restoring data, repairing damaged systems, and settling any resultant legal fees. The policy can extend to cover business interruption and revenue loss during the post-attack period.
Cyber Insurance is an essential protection against the ever-increasing threat of cyber-attacks. Consult your insurance broker for advice on cyber insurance coverage for business.
Jonathan Marucha is the Executive Director, Laser Insurance Brokers Ltd