CYBER VS CRIME INSURANCE. WHAT’S THE DIFFERENCE?

Cyber and computer crime are among the leading risks facing businesses globally, with smaller businesses being particularly vulnerable. In Kenya alone, cybercrime costs the economy up to KES 20 Billion annually.

When cybercriminals infiltrate a network, hold data hostage, or acquire sensitive data, the company they steal from can be exposed to huge losses. It takes just one successful cyber-attack to cause significant financial and reputational damage to your business. It is therefore imperative for businesses to put cyber security on their agenda by not letting their core online systems be compromised. Secondly by safeguarding their digital assets and the private information of their clients and employees with the right insurance. There are two types of insurance available and it is important to understand the difference between cyber and crime insurance policies.

CRIME VS CYBER COVERAGE

As cyber insurance becomes the norm for many companies, there is growing confusion concerning the differences between crime and cyber coverage. In Short: Crime policies cover the direct loss of your funds, whether through maleficence, employee dishonesty, or social engineering whereas cyber policies cover economic damages arising through a failure of network security or privacy controls which may cause indirect losses. Even as cybercriminals and their tactics become more complex, the majority of cyber and cyber-crime attacks are executed via social engineering

Employees remain the greatest area of concern, whether via wilful acts or negligence. About 90% of all cyber-attacks arise specifically from employees who are the target of social engineering scams.

EXAMPLES OF CLAIMS

Crime

An unknown party impersonates the insured’s bank, contacts the insured’s fund transfer administrator, and convinces them to activate a computer link back to the fraudulent bank. This then allows the impersonator to contact the insured’s real bank, pretend to be the insured, and do wire transfers that ultimately end up in a foreign bank resulting in a loss of KES 3,000,000

Cyber

Several employees of a hospitality company discovered when filing taxes that their taxes had already been filed. The company engages a forensic expert for technical analysis. The investigation determined an HR executive inadvertently downloaded malware that extracted information impacting over 10,000 past and present employees. The company provides written notification to all affected parties and engages a PR firm to assist with talking points and management of social media.

MAKING A BUSINESS CASE FOR CYBER INSURANCE

Any organization that stores and maintains customer information collects online payment information, or uses the cloud, should consider adding cyber insurance to its budget. Also, consider the proliferation of devices that now connect to business networks – there are simply more opportunities for malicious folks to access an organization’s assets. Cyber Insurance therefore provides an important fall-back plan for the business.

Regarding costs, cyber insurance coverage and premiums are based on an organization’s industry, type of services provided, data risks and exposures, security posture, policies, and annual gross revenue.

 GETTING STARTED

A good first step is to create a cyber-risk profile for your company and create a list of expenses you want to have covered in the event of an incident. Then, you can determine an estimate for third-party costs. We have the expertise to assist you assess the full spectrum of your cyber risks and develop an insurance program to address them cost-effectively.

Contact our office at +254700296850 or write an email to insure@assurein.co.ke for more details.