FANews
FANews
RELATED CATEGORIES

Protection is key…do you have an open mind?

23 April 2019 Jonathan Faurie

Cyber crime has grown into a very lucrative industry. In the beginning, criminals were not after much; however, studies now indicate that the global value of cyber crime may reach $ 1,6 billion by 2024.

The key element that cyber criminals are after is Big Data and this includes valuable information such as ID numbers, residential addresses and medical information. In June 2018, Liberty fell victim to cyber criminals where key information was stolen from the company. 

FAnews spoke to Candice Sutherland, a Cyber Insurance Underwriter at iTOO Special Risks, to find out how the increase in cyber crime can affect the financial services industry. 

Risk evolution

One of the key aspects of cyber crime is that, because it is a technologically based crime, it is constantly evolving. 

“As the risk landscape evolves, so does the need for a proactive approach to providing comprehensive cover. Current trends dominating the market would be extending cover to make provisions for outsourced service providers as well as legislation such as the General Data Protection Regulation (GDPR). The global cyber insurance market shows an annual growth of 20-25% and predictions say premiums may reach $20 billion by 2025,” said Sutherland. 

Important drivers

An important driver of cyber crime is the increasing adoption of cloud-based services. 

There are other drivers in the market. According to Sutherland, these include: 

  • hackers sharpening their skills while consumers remain complacent. Globally, cybercrime was the second most reported crime in 2018;
  • 63% of network intrusions are the result of compromised user passwords and usernames;
  • mobile platforms are one of the fastest-growing targets for cyber criminals. Symantec identified 18.4 million malware detections in 2018 and over 60% of online fraud occurs through mobile platforms (80% of which is through mobile apps);
  • more than 400 000 Denial of Service (DoS) attacks are reported each month across the globe. By 2020, 25% of cyber attacks will involve devices associated with the Internet of Things (IoT);
  • the number of ransomware families increased from 30 to 98 revealing the distinct focus by cyber criminals using ransomware to extort money from businesses; and
  • Symantec found that there was an 8 500% increase in detection of coin miners showing a massive increase in hackers using victim’s computers, power and resources to mine crypto currency instead of stealing personal data or money. 

Key protection

Sutherland added that the coverage buyers are most interested in is business interruption (BI) cover. 

“Traditional liability policies require physical damage to occur before BI can be triggered. When a network or privacy breach occurs, there is no physical damage; therefore, traditional liability policies will not respond. This is where the value of cyber insurance comes to the fore,” said Sutherland.   

She added that in order to protect themselves fully, companies must be aware of the nature of the issue. “Cyber liability is not an IT issue, it’s a people problem and your staff are your biggest threat. Research shows that 63% of network intrusions are the result of compromised usernames and passwords that can only be accessed internally,” said Sutherland. 

She added that phishing and spear phishing remain highly effective forms of attack and are used in 71% of attacks. “South Africa has the highest ranking in the world when it comes to phishing. Research shows that 1 in 785 emails fell victim to a phishing attack. Mobilie malware is also on the rise; it is estimated that 27 000 new mobile malware variants and 350 000 new ransomware variants were discovered last year. Attackers typically use software updates to infiltrate organizations where traditional infection vectors prove to be unsuccessful,” said Sutherland. 

Key spending

The threat of cyber crime is very real, and volume is key. Sutherland points out that a particular cyber breach in India saw 1,1 billion pieces of data stolen from Indian government agency, Aadhar, who has built banking services that can be accessed over smart devices such as phones and tablets. 

A 2018 hacking incident saw cyber criminals steal 500 000 000 pieces of information from the Marriott Hotel Group. 

While these statistics show that large companies are prime targets, it is important to note that small and medium companies are also key targets. Therefore, investing in firewalls and a well thought through cyber security action plan is important, as is investing in cyber liability products. 

While underwriters are not licenced to provide advice, Sutherland said that it is important to bear the following in mind when it comes to how a cyber breach can impact an organisation. 

According to the 2018 Ponemon data breach study:

  • The average time to identify a data breach is 196 days;
  • The average time to contain a breach is 69 days. This causes business interruption; and
  • The cost per lost or stolen record is R1 775. “How many employee and client records do you store? What is your data destruction policy?” asks Sutherland. 

Editor's Thoughts:
It is becoming important for insurers to become aware of the growing threat of cyber crime and not turn a blind eye to it. What are your thoughts on the growth of cyber crime? Please comment below, interact with us on Twitter at @fanews_online or email me your thoughts jonathan@fanews.co.za.

 

Comment on this post

Name*
Email Address*
Comment
Security Check *
   
Quick Polls

QUESTION

With regards to the COFI Bill, do you believe lumping the health and finance sector in the same basket will sustain the financial sector?

ANSWER

Yes, it forms part of the FSCA’s mandate to protect and maintain the sustainability of the financial sector, and to legislate fairness and make it the law
No, the products are different therefore the health sector should not have to be subjected to similar conduct requirements
This will cause problems. More consultations should be conducted before the final version of the COFI Bill is sent to Parliament for promulgation
A E fanews magazine
FAnews April 2019 Get the latest issue of FAnews

This month's headlines

Differences aside… in the name of fairness
Advice… now more important than ever
COFI… is this a reason to be positive?
Cyber cover: One size does not fit all
The need for member education
Subscribe now