orangeblock
Menu

Fighting off the Big Bad Wolf

01 February 2016 | Magazine Archives FAnews & FAnuus | Features / Profiles | Candice Sutherland, SHA Specialist Underwriters

We are all aware of the child’s story about the three little pigs. The cleverest of the three built his house out of bricks, and the Big Bad Wolf could not huff and puff and blow it down. One would say he was prudent and forward thinking in that he saw a risk and took steps to prevent it from becoming an issue.

In a world where cyber-attacks are occurring on a frequent basis, are we being prudent in protecting our data? Or are we taking the view of the other two pigs? Cyber policies are becoming a crucial part of a company’s insurance cover; and it is no longer the realm of larger corporates.

Taking care of the little man

In the past, cyber policies were largely designed to suit the needs of large corporates. These companies have significant capital and have a very large need to protect sensitive information. But this need is no less pertinent when it comes to small and medium enterprises (SME). In fact; one may argue that the need is even more pronounced with these companies.

An SME may never recover from a cyber-attack. Invariably, an SME may not be able to afford a messy legal battle following a breach or two weeks of down-time following a hack attack. SHA’s new policy and our cyber risk team work together to help mitigate that risk.

The price is right

The pricing of the new product is also tailored to fit the finances of an SME. Traditionally, cyber cover has been out of the reach of small businesses due to large premiums and excesses, but we've changed all that and a relatively small SME can get themselves insured for under R10 000 per annum.

SHA believes that the resultant damage of a cyber breach in a small business far exceeds that of a larger corporate as SMEs don’t always have the funds to spend on IT Infrastructures or Security and because of this many insurers are not willing to take on the risk. SHA has taken a view that the businesses that make up the backbone of our economy need protection as much, if not even more, than corporates.

Money’s too tight to mention

Most cyber policies exclude financial losses and actual funds that are stolen. Our new policy covers this exposure. The policy also recognises that business use of social media platforms is growing and with this increased visibility in the social space comes the risks of defamation – often perpetrated by employees - and even copyright infringement.

The policy provides liability cover to protect the business against these types of events. Traditional cyber exposures are also covered such as liability following a network breach, the costs of reinstating a damaged database after an attack, public relations costs to protect the brand, credit monitoring for clients of the insured whose personal info has been compromised, and loss of business income while the system is offline.

We have also included professional indemnity insurance for technology professionals who may be providing IT services to their clients so that they don't need a separate policy.

Clarifying the issue

SHA will indemnify the insured for monetary loss sustained as a direct result of the insured’s failure to prevent a network security breach. The maximum amount payable is R100 000 in the aggregate, and the deductible is R10 000.

Monetary loss shall not include trading losses or liabilities, or losses suffered as a result of transactions involving Bitcoin or any other virtual currency. Other instances that are not covered include the face value of coupons, price discounts, prizes and awards. Losses directly or indirectly arising from Phishing or incorrect, fraudulent or unauthorised transfer instructions by an employee are definite exclusions on the policy.

Fighting the dark cloud

Over the past few months, we have seen the dark cloud of racism rear its ugly head in social media and we have seen the impact of these comments on the people involved.
Companies spend a lot of time and money building their brands. That can all be damaged very quickly if public sentiment toward the business changes following tweet or Facebook post.

The company needs to react quickly and decisively when an employee brings the business into disrepute, but they may also have to defend themselves if some third party - possibly offended by the social media post - decides to take action against them. Our cover is not intended to protect individuals who post inappropriate or offensive material but rather to protect the company that may be dragged into litigation following the actions of an employee.

SHA’s SME Cyber Policy will indemnify the insured company for its legal liability to pay damages, PR communication costs, defence costs and claimants’ costs arising from a wrongful act that causes harm to the reputation or character of any person or organisation in the performance or failure to perform multimedia activities including digital and social media activities.

quick poll
Question

If you had to hazard a guess, when do you reckon the COFI Bill will be signed into law?

Answer
View the Results arrow
FAnews April 2026
THE LATEST EDITION FANEWS MAGAZINE
  • Geopolitical risk: the rising threat to global trade and insurance markets
  • The regulatory tightrope: achieving consumer protection without overregulation
  • Liability disclaimers and consumer protection: key lessons from recent case law
  • From promise to payout: the real test for employee benefits
  • Retirement planning: when the maths doesn’t math
Products & Services
Useful Links
Important Links
Jobs

© FAnews | Privacy Policy | Site Map | Website Design by Online Innovations