The internet has given cyber criminals the perfect platform to grow and prosper, and very often these faceless criminals go unpunished as many brokers and clients are unaware of the concept of protecting information.
According to a report released at the 35th annual Crime Stoppers International (CSI) conference, identity theft occurs every 79 seconds worldwide. The Norton by Symantec Cybercrime Report ranked South Africa third in the world in terms of computer virus and malware crime capitals and claims that 84% of South African adults surveyed were a victim of cyber-crime in 2014. The Gemalto Breach Level Index saw over 974 million data records lost or stolen in 2014 – that is 31 records every second. The financial impact of cyber crime in South Africa in 2014: a shocking R5.8 billion.
Alarming increase
The Symantec 2015 Internet Security Threat Report shows that in 2014 there were dramatic movements. There was a 70% increase in scams shared by your own friends on social media, nearly one million new pieces of malware are released every single day, one in six android apps turned out to be malware in disguise, and 45 times more people had their devices held hostage.
While many brokers are very careful when handling sensitive and confidential information, criminals are becoming smarter and are willing to do anything to get their hands on personal information that will assist them with their illegal activities.
A hacker’s paradise
In the past year, we have seen countless IT systems falling victim to hacking as brokers issue and maintain insurance policies, often on their own IT systems.
Brokers need to ensure that these systems are well protected against criminal activity. By gaining access to these systems, or simply going through a broker’s cellphone or tablet, criminals are able to see detailed home content lists, vehicle registration details, expensive jewellery valuations, security system details and other confidential personal/medical information.
Weak points
Another area of weakness is the scanning machines used to upload this information. In many cases, personal information is manually scanned and uploaded on to the computer.
A huge risk lies with these scanning and photocopying devices, which often stores all scanned items in their memory. Should the information on the device’s storage be hacked, the criminals are able to access all the material on the device and use this information for fraudulent activity.
Legislative savior
To help mitigate the chances of personal information falling into the hands of these criminals, legislation has been put into place to protect policyholders. The Protection of Personal Information Act (POPI) seeks to regulate the processing and collecting of personal information, and a breach of the Act, could result in a R10 million fine or ten years in prison.
In light of these significant fines, brokers also need to educate their clients on the importance of a Cyber Insurance Policy, which will cover the following costs in the event of a breach:
•First Party Expenses, including: the actual costs to restore, re-collect or replace data; expenses of specialists, investigators, forensic auditors or loss adjusters; costs for the use of rented, leased or hired external equipment, services, labour, premises; or additional operating costs, including staff overtime;
• Loss of Business Income;
• Notification Expenses. For example, the expenses incurred to comply with privacy legislation;
• Crisis Management Expenses including the services of a public relations consultant, related advertising or communication expenses; and
• Associated regulatory fines and penalties to the extent insurable by law.
Even a small scale cyber breach can lead to catastrophic reputational harm and bankruptcy. We all need to be mindful that it is far easier to intercept a small to medium enterprise than a large corporate that has spent a substantial amount of money on firewalls and security.