SATIB Insurance Brokers general manager Taurai Pambweya says businesses need to embrace cybersecurity insurance as a matter of urgency amid increased cases of data breaches.
Cyber insurance is a specialised insurance policy designed to protect businesses from financial losses due to cyber attacks or data breaches.
It covers a range of incidents, from data breaches and ransomware attacks to system failures and business interruption.
Presenting during the just-ended Insurance Institute of Zimbabwe Winter School in Nyanga this week, Pambweya said it was critical for businesses to be aware of the insurance available and how they can best mitigate the cyber risks.
“Cybersecurity threats are becoming increasingly common and businesses need to have adequate insurance coverage in place,” he said.
“Cyber insurance is a crucial component of a comprehensive risk management strategy in today’s digital landscape.
“It provides financial protection, legal support and reputation management in the event of a cyber incident.”
Pambweya said it was essential to consider cyber liability insurance to safeguard businesses and mitigate the potential impact of cyber threats.
Modern organisations, he added, needed to prioritise maintaining updated cyber security hygiene and invest in cyber insurance to protect their businesses.
“Think of cyber insurance as an umbrella policy that covers various financial losses from cyber-attacks. Cyber liability is a specific piece of that umbrella focusing on legal issues arising from data breaches,” Pambweya said.
“Commercial crime insurance is a separate policy that protects against a wider range of criminal activities, both digital and physical.”
A number of institutions in Zimbabwe have been under attack this year from cybersecurity breaches, unsettling the business sector.
According to Pambweya, the first part of coverage should include cyber incident response, that is, legal fees, forensics, notification costs, credit monitoring, public relations, loss of net profits and continuing operating expenses from interruptions of the insured’s systems.
He said the coverage should also be with contingent business interruption as it added losses.
Coverage should also include costs to restore or replace lost and damaged data as well as deal with software network extortion, reimbursing extortion payments and negotiation expenses, according to Pambweya.
On the other hand, third party coverage should include such aspects as liability for failure to protect private or confidential information of others or failure of network security, contractual liabilities owed to payment card industry firms because of a cyber incident.
The coverage can also defend against regulatory actions and provide coverage for fines and penalties and where insurable by law, provide liability against defamation or copyright and trademark infringement online costs.