The growing threat of cyber crime frequency and severity across the developed world has not put Africa on the excluded list, rather, the threat is gradually gaining notoriety with a few incidences reported.
The chief executive officer, Munich Re Africa, Nico Conradie, at a recent webinar hosted by Coronation Insurance in Lagos, tagged “Managing Risks That Keeps CEOs Up At Night,” the insurer used the webinar to present the bancassurance partnership between Coronation and Access Bank. While reflecting on the topic, Conradie said: “In our digital connected mobile world, cyber risks is deserving of some sleepless nights.”
Conradie said the continent is at the risk of cyber crime and like other parts of the world, it’s exposed and vulnerable. For example, he said the South Africa judiciary was hacked recently and months earlier, several insurance companies had to make embarrassing statements about being hacked. This he said, proved that insurance and banks are not immune to such acts. He reiterated that the bottom line remains that if we do business in Africa, we are exposed to cyber crime just as anywhere else in the world.
Munich Re Africa top man said, the first approach to cyber risk is to identify, quantify, monitor and then try to mitigate it. He said the first thing a good company should do in order to mitigate cyber risk, is to set up firewalls and anti virus programme and phishing devices and the IT drivers that can be brought in to reduce cyber risks; because employees themselves are guardians against cyber risk. Besides, he said these employees play the role of front line officers in mitigating phishing and other cyber events.
With all these measures in place, Conradie said it’s still not possible to mitigate all cyber risks, “There will be always some residual risks. And for that it is also important to consider cyber insurance,” he advised.
With a zoom view of the rolling sequence of cyber threats, the Munich Re Africa chief said: “Cyber insurance market globally is a fast growing market. We believe in fact it could become one of the largest lines of business in the future. It’s of course highly specialised and complex.” Other skills that should be acquired to be ahead of the thieves he said, are also of immense value. “One has to be very much aware of how cyber events unfold; what hackers are up to and also guard against accumulation of events taking place.
“Cyber insurance is not all about paying money to a policyholder. If my computer is impacted by a virus and my data is wiped out; the last thing I need is a cheque from the insurance company. What I actually need is a new computer with my data restored which is in full working mood again,” he said
He therefore, gives an insight to what a cyber insurance cover should be. A good cyber insurance and reinsurance he explained, should assist policyholders in the management of the overall cyber incident. “It means dealing with public relations issues. It means dealing with legal persons, it means cleansing up the ransom that was installed illegally. It means reconstituting data, installing new protection software. It means bringing back the company where it was before the event.”
Cyber insurance according to him is a broadband that tries as much as possible to reach all sections of issues involved. He believes that a certain level of expertise is required and market knowledge and its dynamics. “It’s just like providing a motor insurance policy plus a toying truck, an ambulance plus a doctor to make sure that the client is in good shape after the incident. It is not just about paying a cheque to the person that was injured in the car accident.”
Conradie also said regulators have a role to play in putting in place specific regimes to manage privacy and also create a regulatory environment that fits into cyber protection.
Speaking in another related matter, Key macro economic risks and how they impact our economy, Bode Agusto, former founding managing director, Agusto & Co, and currently independent researcher/consultant, said the incidents of threats to data security in the environment is ticking up. “We have situations in the world today where people are hacking into computer systems to steal data that are private to individuals and businesses. This is a high risk in our environment and we should look for ways for mitigating these risks.”