South African small and medium enterprises (SMEs) are particularly vulnerable to cybercrime as they often lack adequate protection, according to Thabo Twalo, chief underwriting officer, Santam Broker Solutions.
Although there has been a rise in the prevalence and cost of cyber attacks, a recent Santam survey has revealed that only 26% of commercial entities have cybercrime cover in place.
The frequent attacks on smaller businesses is more concerning, with the SHA Risk Review finding that one in three SMEs had been victim of a cyber attack.
"Despite several recent high-profile cyber-attacks, research suggests that while cybercrime is recognised as a risk, local business owners under-estimate the protection measures required and most don’t have the necessary cover in place," Twalo said.
Large commercial (44%) and large corporate (28%) respondents are leading the way in the take up in cyber insurance, according to the survey, however, SMEs, still have a strong perception that a cyberattack will not happen to them.
Therefore, businesses need to increase staff awareness around cyber-security, cut down on unnecessary information transfers, and avoid complacency in managing data.
"Security measures could include providing work-issued computers to employees working remotely and ensuring they are used only for work-related tasks and installing anti-malware protection to detect threats. Employees should be required to ensure routers have built-in firewalls and that they change passwords often," Twalo said.
Twalo emphasised the need for SMEs to make sure they have appropriate insurance in place to protect their businesses from this growing threat.
Business owners should consider policies that provide cover for the following areas:
Data breach and restoration
Access to cyber security experts to investigate the damage caused by a cyber attack to ensure compliance with legal requirements such as POPIA as well as restore the data that has been impacted.
Third-party liability
Cover for claims that were made against the business by clients or agents whose private information had been compromised due to the data breach.
Business interruption
Compensation for loss of profit due to the business being unable to trade after a cyber attack.
Cyber extortion and cybercrime
Assistance to help businesses recover quickly from a cyber attack and manage the financial ramifications of ransomware.
@sainnovationsummit When to Integrate Cybersecurity in Your Startup As entrepreneurs, timing is crucial for integrating cybersecurity and data privacy into our business models. Discover why starting early can save us from costly breaches and re-engineering later on, ensuring our solutions remain secure from the get-go. #SAIS #Cybersecurity #DataPrivacy #EntrepreneurTips #StartupSuccess #ProductMarketFit #BusinessStrategy #SmallBusiness #PrivacyByDesign #TechStartups #SecureSolutions ♬ original sound - SAIS
IOL Business