After a year in which the Covid-19 pandemic ravaged the world, there’s a new cyber-pandemic threatening South African businesses – and the consequences could be just as deadly, as cyber hackers find new ways to attack companies’ critical data and information.
Speaking ahead of Safer Internet Day on 9 February, Minnaar Fourie, commercial director at insurer King Price, says the shift to remote work in the past 10 months had seen the number of cyberattacks on businesses soar, as hackers take advantage of new-found gaps in corporate IT systems.
“A pandemic and cyberattacks have much in common: they’re unfolding on a global scale, they can strike anywhere without warning, they spread easily, and they have the potential to do immense damage to your business,” says Fourie.
The use of remote access technologies such as the remote desktop protocol (RDP) and virtual private network (VPN) increased by 41% and 33% in the first two months of the Covid-19 outbreak alone, according to ZDNet. This offers new ‘back doors’ for criminals to penetrate IT systems and carry out cyber-attacks.
“We’re seeing a clear shift in tactics from cyber criminals, with many employees seeing an increase in fraudulent emails, spam and phishing attempts in their corporate email since they started working remotely,” said Fourie. “One click on a malicious link can spell disaster for any business.”
Both the financial and reputational costs of an attack or breach can be crippling for an SMME, particularly with POPIA now coming online. Data from the IBM annual Cost of a Data Breach Report shows that breaches have cost local companies an average of R40,2-million each.
After an attack, it can be difficult, if not impossible, for a business to recover without the correct solutions in place, said Fourie. That’s why combining a proactive security approach with a strong cyber insurance policy is essential for any business to guard against the potential cost of restoring productivity and reputation. Proactive security measures include implementing firewalls, appropriate security software, malware scanning and continuous employee training on the basics of security.
To address this growing risk, ICT provider Vox and King Price Insurance last year launched the country’s first cyber protection solution aimed at SMMEs, which includes both cyber threat mitigation and insurance cover. The solution prioritises the identification of vulnerabilities in existing systems and infrastructure, while simultaneously providing robust financial protection.
“While a cyber insurance policy can’t prevent your company from being attacked, it is an important way to protect businesses from the after-effects of a breach,” says Fourie.
“Our cybersure product includes cover for financial loss, disruption and reputational damage that result from cyberattacks; cover for software and data; liability arising from the misuse of, and third party attacks on, IT infrastructure; as well as cover for data breach expenses, extra costs, and loss of income, as a result of insured incidents.”