Up your game against cyber attacks, insurer warns SA businesses
It has never been more critical for businesses of all sizes to move rapidly to secure their key IT systems and company and customer information.
That’s the warning from insurer King Price as the world observes Safer Internet Day on Tuesday.
The year 2021 was a record for data breaches, according to the Identity Theft Resource Centre.
Interpol estimates nine out of every 10 African businesses are operating without the necessary cyber security protocols in place, putting themselves and their clients at risk of massive financial loss.
“Many smaller businesses we talk to seem to think they won’t be targeted. They are wrong. What we’re seeing clearly is a trend where businesses of all sizes, in all sectors, are potential targets for cybercriminals.
“SMEs are often the weakest link as they don’t have the same level of protection as big companies,” said Minnaar Fourie, King Price commercial director.
Fourie said a cyber attack can literally put a small to mid-sized company out of business.
A 2019 IBM study put the average total cost of a data breach in SA at R43.3m.
Globally, an Inc.com study suggests 60% of small businesses close their doors within six months of an attack.
If your business is hacked and you don’t have the correct procedures and safeguards in place, you could get fined by the regulator.Minnaar Fourie, King Price commercial director
“Adding an extra layer of complexity is SA’s Protection of Personal Information Act, which fundamentally changed the way businesses deal with consumers’ personal information. If your business is hacked and you don’t have the correct procedures and safeguards in place, you could get fined by the regulator,” said Fourie.
“On top of that, anyone who incurred damages as a result of the breach could take legal action against the company for damages. We’re not even getting to the issue of reputational damage.”
While cyber security insurance is becoming increasingly common among local businesses, that is only one element of the precautions every company should be taking.
Apart from the security basics — having a firewall and enterprise-level anti-virus software and regularly backing up data — the biggest step companies can take is to create greater awareness among their employees, said Fourie.
“It’s no use spending millions on security solutions if you don’t educate your people. When it comes to security, your people are the weakest link. They click on dodgy links. They use weak passwords. They let other people use their devices at home.
“Your best defence is to create an active cyber security culture that gets everyone in the business following basic security habits.”
Would you like to comment on this article?
Register (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.