Category Risk Management

Ransomware a growing threat both globally and locally

23 August 2017 Santho Mohapeloa, SHA
Santho Mohapeloa, Underwriter Cyber Risks at SHA Specialist Underwriters.

Santho Mohapeloa, Underwriter Cyber Risks at SHA Specialist Underwriters.

Global ransomware attacks have increased by 11% over the past 12 months ending March 2017, according to Europol. Furthermore, a recent IBM Security and Ponemon Institute study found that the average cost of a data breach in South Africa is currently R32 million, a 12% increase since 2016. These significant increases highlight the growing threat of cybercrime and the importance for business of all sizes to have a cyber liability insurance policy in place to protect against financial loss.

This is according to Santho Mohapeloa, Underwriter Cyber Risks at SHA Specialist Underwriters, who states that when a ransomware attack occurs, it typically results in business interruption, which can have a negative impact on a company’s financial wellbeing as a whole. “The loss of sensitive data or critical company records that are essential to the day to day running of a company will most likely affect a company’s bottom line adversely.”

In addition to this, a ransomware attack can lead to reputational harm, which is often difficult to ascertain or quantify, but can have disastrous effects that can threaten the company’s existence, he adds. “The biggest pitfall for affected parties is often the actual cost of the ransom itself.”

Mohapeloa explains that ransomware encrypts files and documents. “The encrypted documents may be of a sensitive nature or belong to a third party, for example documents containing trade secrets, medical and financial information. The ransomware demands payment of a ransom, sometimes in a form such as bitcoin, in return for a digital key that is required to regain access to the files. In most cases, there are no guarantees of retrieving the information after payment and the likelihood of a repeat attack is high.”

There is a common misperception that only large companies suffer from these attacks, but the reality is that these attacks are most often conducted randomly and the perpetrators attack indiscriminately, he says. “The attacks can be experienced by Small, Medium Enterprises (SMEs), large corporates as well individuals in their private capacity. Any company of any size is susceptible to a ransomware attack, particularly those that run older operating systems and those that do not rectify vulnerabilities with patches and updates.”

A typical cyber insurance policy will indemnify the insured for extortion expenses and extortion monies paid by the insured resulting directly from a credible threat (e.g. malicious code and ransomware) or series of threats that include a demand for extortion monies, occurring during the policy period, he says. “The nature and the extent of cover in respect of a cyber liability policy differs from one service provider to another. This is where the benefit of an insurance broker or intermediary comes into play as they can help to determine the level and type of insurance policy that will be most suitable to the specifications of the policyholder after conducting a thorough needs analysis.”

Due to the intricate nature of the product, it is imperative that one doesn’t adopt a “one size fits all product” approach, he warns. “Proper attention must be paid to the needs analysis of the business, taking into consideration the rate and pace of developments in an ever growing technological world.”

Comprehensive standalone cyber insurance policies should not be confused with cyber liability extensions attached to a conventional liability policy, he warns. “Consult your risk advisor to interrogate your current policy to ensure that you appreciate and comprehend the differences between the various covers available in the market.”

Mohapeloa states that having a cyber policy in place is hugely beneficial, firstly to cover the related financial losses and then secondly, by having the insurer taking over what can be a very complicated incident management process, depending on the type of cover that has been purchased. This generally involves the provision of a dedicated team to handle forensic investigations; identity and credit monitoring; data and restoration; crisis management; and a public relations officer to deal with the reputational harm.”

The benefits of a cyber liability insurance definitely outweigh the cost. The risk of trading these days without cyber insurance is way too high especially considering data protection laws, regulations and technological advancements, he concludes.

Quick Polls


Have you seen insurers implementing rate adjustments / risk management around climate change?


fanews magazine
FAnews June 2024 Get the latest issue of FAnews

This month's headlines

Understanding prescription in claims for professional negligence
Climate change… the single biggest risk facing insurers
Insuring the unpredictable: 2024 global election risks
Financial advice crucial as clients’ Life policy premiums rise sharply
Guiding clients through the Two-Pot Retirement System
There is diversification, and true diversification – choose wisely
Decoding the shift in investment patterns
Subscribe now