Cyber risk is on all-time high, and features among the top issues in many organizations and businesses in a world where cloud computing, social media, big data as well as Internet of Things (IoT), among other IT developments are taking root. It is a serious issue and ranks 5th according to the Aon Global Risk Management Survey. Ideally, businesses are aware of this concern, which is why the cyber insurance market continues to expand.
Earlier today, Aon Kenya, one of the top insurance companies, launched Cyber Enterprise Solutions to help businesses thwart cyber attack incidences that are potentially catastrophic in terms of data loss and corporate espionage, to mention a few.
“Data is an organization’s most valuable asset but it’s also most vulnerable asset. However, as businesses and companies grow, so do their exposure to cyber risk. This simply means that that as the value of a business grows, it raises its profile among hackers,” said Aon Kenya Chief Executive Officer Sammy Muthui.
According to Allan Lwala, a cyber security consultant and Dr. Bright G. Mawudor who presented informative talks during the event, cyber-attacks have evolved to bypass traditional defenses as clever malware can penetrate firewalls, IPS, anti-spam gateways or antivirus software. This is a headache to businesses, and some of them have failed to contain them due to lack visibility or limited experience/intelligence, as well as rising cyber management costs. In the same line of thought, it has been determined that some businesses overspend on security tools, which, ironically, offer a conduit for intruders to infiltrate systems.
To put this into perspective, up to 63 percent of companies that have been compromised before were informed of the breach from third parties such as security consultants or clients. Surprisingly, 100 percent of victims have up to date signatures that unfortunately cannot detect new malware or attacks as they compare threats based on what they have. By extension, this concern is heightened by new threat landscape that incorporates coordinated persistent threat actors, multi-vector and multi-staged attacks with polymorphic malware.
Primarily, the insurance solution is based on the aforementioned strides that are being made in the connectivity world. The company is aware of these concerns, and that is why it has imparted a robust and enterprise-wide coverage against any cyber risks that may spring from the use of these features (IoT, big data, to mention a few) in a business environment.
At its functional level, AON’s Cyber Enterprise Solution’s umbrella covers a wide array of connectivity-related incidences such as property damage from compromised networks, failure of products to mitigate IoT exposures that could make a business vulnerable to intrusions and interruption to its normal activities, not to mention cyber terrorism coverage and privacy or security liability.
“The launch of our new Cyber Risk Solution underlines our commitment to provide cover for the wave of new and emerging risks that worry risk managers the most. Our simplified policy wording and holistic approach to risk management and incident response means clients and brokers can feel confident about what they are getting,” added Mr. Muthui.
In Kenya, cases of cybercrime are on the rise, and this vice is common among corporates and SMEs. The dynamism of intruders based on their honed skills is based on high-value targets like financial institutions that have adopted tech in their operations. While these attacks are not limited to financial institutions, the general impression is that they are catastrophic in the end owing to the fact that 60 percent of small businesses are brought to their knees within 6 months of cyber-attack.
“Organisations rely on systems to conduct their core businesses. In the event that a hack attack, computer virus or malicious employee brings down these systems, a traditional business interruption policy would not respond. Aon Cyber Enterprise Solution is here to provide insurance cover for loss of profits associated with systems outage that might be caused by a “non-physical” threat like a computer virus,” adds Mr. Muthui.
Kenya lost about KES 18 billion to cyber-crime in 2016 alone. Almost half of government agencies are primary targets of malicious attacks. Some of these agencies, among other institutions and state sites are hacked every year. Sadly, only 15 percent had systems to detect malicious activities.
Indeed, identifying effective threat intelligence is an uphill task, and businesses must learn to understand the effectiveness of prompt and feasible security tools and how to manage them for a timely response.