Discovery Insure raises the alarm on cyber attacks

Discovery’s short-term insurance unit has flagged cybersecurity as a growing area of business and risk in an increasingly digital world, mainly due to the pandemic. 

Covid-19 has created new avenues of theft for cybercriminals, who have taken advantage of the trend of working from home. They have found it easier to access sensitive internal enterprise systems from less secure locations — and an employee in a home office is the ideal entry point.

The global Cyber Exposure Index ranks SA sixth on its list of most-targeted countries for cyberattacks.

Given the growing dangers, Discovery Insure, which deals with individuals, cars, homes and businesses — says insurance against cyber risk is likely to become a big part of their business. 

“I think it [cyber insurance] is going to become mainstream,” Anton Ossip, CEO of Discovery Insure, told Business Day.

“You wouldn’t have a business and not take out fire insurance to cover your buildings. I think companies will realise that you can’t have a business and not take out cyber insurance as well, and taking steps to ensure that you’re protecting all the relevant data from a data protection and Protection of Personal Information [Act] perspective.”

Discovery would not say how much this business is now worth in their books or by how much they expect it to grow.

According to research firm Mordor Intelligence, the global cybersecurity insurance market was valued at $7.36bn in 2020 and is expected to reach $27.83bn by 2026, amounting to a compound annual growth rate of 24.3% over the period. 

PwC says cyber risk has been ranked as the primary concern by insurers in SA, the UK and North America. 

Discovery is not the only local insurer looking to protect clients from digital threats, with Chubb, iTOO, SHA Risk Specialists and Bidvest Insurance all offering products. 

According to Neil Hare-Brown, CEO of Storm Guidance, a cybersecurity specialist firm, businesses are open to the following main types of attacks:

• Business e-mail compromise, in which attackers hack into a corporate e-mail account and impersonate the owner as a way to defraud the company, its customers, partners, and even employees into sending money or sensitive data to the attacker’s account.
• Ransomware attacks, in which an attacker hacks a company’s systems, steals data and threatens to release that data unless a ransom is paid. In some cases, attackers take control of important systems that can stop a business from operating until money is paid.

Ossip says this is one of the areas they cover for businesses. “It costs a huge amount of money if a business’s data is held to ransom and [it] can’t operate. That’s where cyber insurance kicks in.”

Colonial Pipeline in the US recently paid $5m in bitcoin after a hack of its systems in May led to fuel shortages in the east of the country.

Despite the danger, Hare-Brown says in their experience ransoms are usually paid in the minority of cases. 

The Storm Guidance service CyberCare works in much the same way as a rapid response unit does in the case of a break-in or physical crime, except it does it virtually.

“We deal with hundreds of incidents a year and we find that it’s only a low single-figure percentage that we actually get involved in paying the ransom. There are techniques that allows us to recover the data without paying the ransom.”

Hare-Brown acknowledged that threats to release sensitive data have been on the rise in the last year and a half. 

gavazam@businesslive.co.za