By Amritesh Anaand, Practise Lead for Unified Communication at In2IT Technologies

Cybercrime is a growing threat to businesses globally, and South Africa is no exception. The country ranks third in the world for the highest number of users experiencing targeted ransomware attacks. No industries or sectors are immune, and a breach can cost companies millions in lost revenue, not to mention the cost (and time) to recover. Cyber insurance is a growing trend, aimed at helping mitigate the risk around cyber threats. However, while it can help businesses to handle some of the financial fallout from an attack, it is by no means a replacement for a comprehensive data management and protection strategy. 

The rise of cyber insurance

The last decade has seen thousands of highly publicised and cost-heavy cyber incidents, which have impacted organisations across the globe as well as a range of industry sectors. Most recently in South Africa, the Department of Justice was hit by a ransomware attack in September, and the recovery from the attack is ongoing after several weeks. No company or industry is immune, and since businesses are heavily reliant on technology and data to operate, a successful ransomware attack can be devastating financially. 

This is where cyber insurance comes in, helping the primary risks associated with cyber incidents, including network security and privacy liability, network business interruption, media liability, and errors and omissions. Cyber insurance is designed to provide first- and third-party coverage to mitigate risk exposure by offsetting the costs involved with the recovery of cyber losses. 

Cyber insurance is not a security strategy

Coverage from cyber insurance may include losses from network security breaches, data and systems recovery costs, legal expenses and third-party indemnification related to data breaches, as well as business interruption costs. However, financial risk is only one element of the cost associated with a cyberattack. The reputational damage, which no insurance policy can mitigate, can be devastating after the fact. In this instance, as with many others, prevention is always better than cure. 

Preventing a breach of your network and its systems requires protection against a variety of cyberattacks. For each attack, the appropriate countermeasure must be deployed/used to deter it from exploiting a vulnerability or weakness. The first line of defence for any organisation is to assess and implement security controls, through a multi-layered security approach that considers the following six elements.

1. Education and awareness 

One of the most common ways cybercriminals gain access to your data is through your employees. They’ll send fraudulent emails impersonating someone in your organisation and will either ask for personal details or for access to certain files. Links often seem legitimate to an untrained eye and it’s easy to fall into the trap. This is why employee awareness is vital.            

2. Frequent software and systems updates

Often, cyberattacks happen because your systems or software aren’t fully up to date, leaving weaknesses. Cybercriminals exploit these weaknesses to gain access to your network. Once they are in – it’s often too late to take preventative action.

3. Endpoint protection

Mobile devices, tablets and laptops that are connected to corporate networks give access paths to security threats. These paths need to be protected with specific endpoint protection software.

4.  Data security 

There are so many different types of sophisticated data breaches and new ones surface every day and even make comebacks. Putting your network behind a firewall is one of the most effective ways to defend yourself from any cyberattack. A firewall system will block any brute force attacks made on your network and/or systems before it can do any damage.

5. Identity and access

Physical access remains a critical element and having control over who can access your network is important. If somebody can simply walk into your office and plug in a USB key containing infected files into one of your computers, allowing them access to your entire network or infect it, then systems are not secure.

6.  Strong password policies 

Having the same password setup for everything can be dangerous. Once a hacker figures out your password, they now have access to everything in your system and any application you use. Having different passwords set up for every application you use is a real benefit to your security and changing them often will maintain a high level of protection against external and internal threats.

Insurance is the fallback

As with anything in life, insurance should be a last resort when all else has failed. It can help to mitigate some of the financial damage of an attack, but it cannot form the basis of a cybersecurity strategy, as this places businesses at risk for other areas, including compliance. 

However, it can be difficult to know where to begin when it comes to protecting your business from cybercrime and cyberattacks. There is so much information out there that it can become overwhelming, especially when we have so much interrelated information. The right technology partner is essential to delivering a cybersecurity solution that works for a business and its employee.