Cybersecurity: Why companies must remain ever vigilant

Cybersecurity: Why companies must remain ever vigilant

Faith Muriungi-7 Passport

Cybersecurity: Why companies must remain ever vigilant

The Cyber Security Report for Q2 2023-2024, unveiled by the Communication Authority of Kenya, provided insights into the dynamic landscape of cyber threats confronting both individuals and organizations across the country. Noteworthy trends outlined in the report include a surge in malware propagation and an uptick in phishing attacks, posing significant cybersecurity risks. 

According to the cybersecurity report by the National Kenya Computer Incident Response Team (National KE-CIRT/CC), between October and December 2023, over 1.2 billion cyber threat events were identified, marking a staggering 943.01 percent increase compared to the preceding period from July to September 2023, attributed largely to the bolstering of our cyber threat monitoring capabilities and vulnerabilities stemming from system misconfigurations. 

In today's digital landscape where businesses rely highly on technology for their operations, the significance of cyber risk insurance has never been greater. As organizations embrace digital transformation and expand their online presence, they inadvertently expose themselves to many cyber threats, ranging from data breaches to ransomware attacks. 

Proliferation of ransomware attacks

The proliferation of ransomware attacks has emerged as a significant cybersecurity threat, leveraging sophisticated techniques to extort valuable data from individuals, businesses, and government entities. 

Considering the substantial impact of cybersecurity incidents on businesses, investing in insurance is a prudent decision. For instance, in 2022, Kenya experienced losses of at least $153 million (KES20.4 billion) due to cybercrime, with projections indicating a 14 percent annual increase. Despite the escalating cybersecurity threats, Kenya's progress in developing cyber insurance products remains slow compared to the potential risk.

According to the Computer Society of Kenya, this challenge is exacerbated by a severe shortage of cybersecurity expertise, with only approximately 1,700 professionals available compared to the current demand ranging between 40,000 to 50,000. 

Cyber risk insurance, alternatively referred to as cyber insurance or cyber liability insurance plays a vital role by providing coverage for a wide range of cyber risks. These risks encompass data breaches, network security lapses, and disruptions to business operations triggered by cyberattacks.

This specialized form of insurance is specifically crafted to alleviate the financial burdens associated with cyber incidents. It extends coverage for expenses such as legal fees, regulatory fines, costs related to data recovery efforts, and payments demanded by extortionists. Cyber risk insurance is a policy tailored to provide both individuals and corporations with protection against losses incurred by cyber-attacks and data breaches. 

This insurance policy is an important addition to other risk mitigation strategies. It complements tactics such as regular risk assessment, employee training to promote cybersecurity awareness as well as use of cybersecurity products such as firewalls and antivirus software.

By obtaining insurance to cover cyber risk, you are able to work peacefully because measures are in place to manage and overcome the stress that is induced by a cyber-attack or loss of data. 

Read also: Collaboration and investment key to strengthening Africa’s digital payments cybersecurity

Challenges in the realm of cybersecurity

The advancement of technology is indeed offering solutions to many of the challenges faced in the realm of cybersecurity. Insurers now harness big data to anticipate potential risks, assess the ramifications of cyber threats, and innovate new products to ensure the security of their clients. This becomes crucial as the increasing complexity and frequency of cyber-attacks necessitate insurance providers to possess a deep understanding of their client's risk profiles.

In determining optimal coverage terms, underwriters conduct thorough cyber risk analyses of companies' cybersecurity protocols. These assessments scrutinize factors such as how a company selects web applications, the robustness of its processes, and the efficacy of its controls in safeguarding systems, networks, programs, devices, and data against cyber threats. Following these evaluations, insurance companies recommend strategies to mitigate the risk of cyber-attacks and fortify defences against unauthorized exploitation of systems, networks, and technologies.

In a landscape where hackers and cybercriminals constantly evolve their tactics, it is imperative for companies and individuals to continually reassess and enhance their cyber risk management strategies, including the utilization of cyber risk insurance. By remaining vigilant, proactive, and adaptable, we can effectively mitigate the ever-present threat posed by cyber-attacks and safeguard our digital assets and operations.

The writer, Faith Muriungi, is the Senior Manager Underwriting at CIC General Insurance

Advertisement