As if the Covid-19 pandemic in itself wasn’t devastating enough, hackers have leveraged the opportunity to attack vulnerable networks as office work moved to personal modes. This is as US FBI has reported a 300 percent increase in cybercrimes cases since the pandemic.
According to statistics, only 51 percent of organizations in Nigeria are confident in their team’s security ability to act and 71 percent have reported an increase in data breach threats since the pandemic outbreak with financial institutions bearing the brunt of each attack.
These were key data from an interactive webinar titled ‘The Ever Increasing Impact of Cyber Attacks: A case for Cyber Insurance’ organised by Allianz Nigeria, in its bid to create awareness and educate business owners on safely measures and how to mitigate these risks.
From the outcome, it was discovered that Cyber risk trends that are likely to affect organizations include – Phishing (55 percent), malicious websites (32 percent), malware (28 percent) and ransomware (19 percent).
Among other highlights from the speakers was the need for organisations to focus not only on cyber security but more on cyber resilience. This entails a fusion of information security and business continuity strategies. In other words, cyber resilience is the ability of an organisation to withstand attacks or failures and in such instance re-establish itself quickly back to operational mode.
To achieve this, a seven fold approach which includes being strategic, building capacity, strengthening the process, automate inform and transform, measure and monitor, cyber insurance and collaboration was recommended.
In an era of unprecedented security risks, companies should determine more pragmatically how they intend to curb these risks and build capacity termed as “human fire wall”. Organisations should create awareness internally, train and educate staff members as a way to minimize the ability of intruders to compromise their information security.
Organisations also need to strengthen their cybersecurity posture across all levels. Every layer of access down to the seemingly unnecessary layer should be tightened as a way to discourage attackers.
In another related remark, there is a need for conducting regular analysis so as to determine the level of exposure and strengths. Cyber-attacks as it stands is dynamic and companies stand a risk of being vulnerable either accidentally or deliberately through its people, processes or the type of technology adopted.
Speaking intricately on how to mitigate the risk of cyber-attacks, Santho Mohapeloa, senior Cyber and Liability Underwriter at Allianz Global & Corporate Specialty, South Africa emphasized the need for insurance and the importance of complying with Cyber Best Practices in preventing and mitigating cyber losses. Santho then went on to discuss the nature of cyber insurance coverage provided by Allianz for Africa under the headings First party (i.e. claims made by the insured), Third party cover (claims against the insured by a third party) and Enforcement body cover (claims against the insured by a regulatory body)
Commenting further on this, Aima Higo, unit head Reinsurance at Allianz Nigeria Insurance Plc. Said, ‘’In a connected world, we all have a responsibility to protect ourselves and the people we interact with and it all starts with understanding cybersecurity. Although, there is no 100 percent security in the cyber domain, dangers can only be reduced to an acceptable level by implementing a set of actions and by getting cyber insurance’’.
Organizations especially financial institutions, in times like this, have to learn cyber resilience, examine how quickly they can bounce back into operational mode post cyber-attack, and more importantly to transfer risks, as insurance is best to help mitigate the losses that may emanate from cyber risks.
Cyber-attacks will continue to grow over the years and a weak or vulnerable area in an operational entity is all that is needed to suffer damaging exposure to data privacy and information.
Organizational cultures therefore need to reinforce the need for a cyber-security management system and incorporate cyber insurance as a cardinal part of their strategic objectives whether or not the end of the pandemic is in sight.
