Cyber crime affects us all

23 April 2019 Jonathan Faurie

One of the currently most talked about issues in insurance is cyber crime and the growing threat of technology’s influence on the industry.

This was one of the issues that was raised at the 5th Annual Spectacular Insurance Claims Conference where Justin Keevy, Divisional Executive: Commercial Crime and Cyber Risks Practice Leader at Marsh, told the audience that this threat will only grow in the future. 

Top risk

Keevy pointed out that the Global Risks Report published by the World Economic Forum defines global risk as an uncertain event or condition that, if it occurs, can cause significant negative impact for several countries or industries within the next 10 years. 

“Large scale cyber attacks and massive incidents of data fraud or theft were noted in the top 10 global risks for 2017 and 2018 based on global trends indicating a rise in cyber dependency due to increasing digital connectivity of people, things and organisations,” said Keevy. 

He added that the estimated annual cost of cyber crime to the global economy is $445 billion and is estimated to reach $2.1 trillion by 2019.  “The average total cost of a data breach globally is $4 million. Reports have ranked South Africa as the third most targeted country in the world. The FBI has ranked South Africa as the 6th most active country for cyber crime in the world,” said Keevy. 

A particular problem

This poses a significant threat to the insurance industry because of the sensitive nature of the information involved. 

Not only are the assets of policyholders at stake, but if we look at the long term insurance industry, sensitive information regarding the health status of certain policyholders may become prime targets to criminals whose modus operandi it is to withhold such information and ask for a payment for its safe return. 

“There are a number of ways that insurers can fall target to cyber crime. One of the common ways in which cyber crime can occur is through malice when a disgruntled employee or customer may feel that they need to get back at a company for any specific reason. Another way that cyber crime can take place is through negligence; this can include the loss of a laptop or portable media, virus transmission through memory sticks, insufficient security safeguards, and through emails,” said Keevy. 

Advice is key

The nature of cyber risks changes all the time as the technology behind it becomes more advanced. Because of this, professional advice is key when it comes to this area. 

“There are a number of key exclusions which may not be covered by a typical cyber crime policy. These may include incidences which have occurred prior to the retroactive date of the policy, bodily injury and property damage, employment practices liability, service interruptions such as utilities and core internet infrastructure failure, trading losses and monetary transactions, direct financial losses such as theft of funds, and the gradual deterioration of hardware which is caused by a failure to rectify system weaknesses,” said Keevy. 

Quotation considerations

Keevy said that there are a number of considerations which need to be taken into consideration when quoting on a cyber policy. 

  • the limits of indemnity are inclusive of costs and are on an aggregate basis as a combined single limit across all sections as indicated;
  • the deductible is in respect of each & every claim;
  • quotations are subject to no known claims / circumstances which may give rise to a claim from proposal form date to date cover is placed;
  • the jurisdiction of the policy will be South African; however, the territorial limits will be worldwide; and
  • quotations are valid for 30 days from the date of quotation. 

Big or small… this is for you

There has been a major debate in the industry about who is most affected by cyber crime. Many people would think that larger companies are the ones who face the biggest risk; however, Ethan Pitts - a Cyber Risks and Commercial Crime Underwriter at Camargue - points out that cyber crime insurance is for everyone. 

“Should a factory be halted while their computer systems are locked down, industrials can look to lose millions of Rands in a single day. It is therefore important that companies should therefore look at the costs of them going down for a week, or even longer and calculate the lost business during this time,” says Pitts. 

According to Pitts, a lack of cyber awareness and the prohibitive costs of effective cyber security means that it forms a low priority for most executives. 

“On a global level, only 50% of board members consider cyber security as part of the top ten concerns for their business – and South Africa follows this trend. For brokers, it is important to advise all clients that due to our integration with technology, cyber exposure is now a risk which needs to be addressed in the same manner that one would purchase insurance for an office fire or generic theft,” said Pitts. 

Editor’s Thoughts:
As technology becomes more advanced, so will cyber criminals. It is imperative that cyber policies follow suit and keep pace with these advancements. Please comment below, interact with us on Twitter at @fanews_online or email me your thoughts



Comment on this post

Email Address*
Security Check *
Quick Polls


In its current format, what will the future of medical schemes be in an industry run by the NHI?


I just can’t see it (NHI) happening
There is a real risk of our already fragile healthcare system being placed under even further pressure leading to a total collapse
Medical schemes will struggle to remain in existence if NHI does happen; there isn’t enough money in the system
A E fanews magazine
FAnews August 2019 Get the latest issue of FAnews

This month's headlines

Create designer policies through AI
Are advisers in a precarious position?
A claim, COIDA and a dog bite
Non-disclosure never an innocent fraud
Prescribed assets: The threat to pensions
Cannabis and the issue of trust
Getting the most from disability claims
Subscribe now