By Adedapo Adesanya
One of Nigeria’s leading insurers in Nigeria, Leadway Assurance, has called on corporate entities, institutions, religious organisations and individuals to provide necessary insurance measures to protect their database and computer networks from cyber-based attacks.
This was emphasised at a virtual training workshop organised by Leadway Assurance for insurance journalists themed Understanding Cyber Insurance.
Speaking at the event, Mr Uzodinma Ibe of the Casualty & Liability Underwriting, General Insurance, said with increased online and internet connectivity becoming part of the day-to-day business, as a result of the COVID-19 pandemic, there is a need for insurance protection against cyber attacks.
He said a comprehensive report by a United Kingdom (UK) cybersecurity company identified that there was high traffic when it comes to information, transactions and data emanating from Nigeria into digital space.
He added that the survey noted that 36 per cent of Nigerian organisations suffered cyber attacks in the last 12 months.
Mr Ibe also said that 64 per cent of cyberattacks in Nigeria exploited misconfigurations on the organisation servers, pointing out that Nigeria has the highest data leakage in the world.
On business activities, social networking and governmental activities, he said the report has also identified where Nigeria as a digital hub is and to what extent are their cyber exposures.
In order to avoid cyber attacks on our computer networks, which sometimes resulted in data and financial losses, there is a need for enterprises, individuals, corporate organizations, to see it as a serious business and take up some form of cyber mitigating effort in this regard.
According to him, “Here in Leadway, through our research we have been able to identify a particular area of cyber exposure where corporate entities can find themselves and see how we can do proper risk management and provide a specific insurance product that can help them mitigate such exposures through Cyber Risk Management Insurance which in some quarters called Cyber Liability Insurance and in some, cyber risk management insurance.
“We have been able to highlight that technology, social media and transactions over the internet (cyber platforms) play a key role in how most organizations conduct business and reach out to prospective customers today. These vehicles have gateways – platforms, integrations that cyber attackers often use.
“From Leadway point of view, our Cyber Enterprise Risk Management Insurance policies try to help any organisation mitigate risk exposure for certain cost expenses involved with recovery after a cyber-related security breach or similar event.
“On who is being indemnified or who is being provided cover, he explained that Leadway Cyber Insurance provides first-party coverage and third-party liability risk covers against cyber-attacks for organisations.
“First-party, which is the policyholder, the individual or that corporate entity that buys the insurance, such policy caters for private investigation expenses where there is some form of data compromise or breach to reach out to different customers to inform them of the breach.
“Third-party liability coverage indemnify companies for losses to others caused, for example, by errors and omissions, failure to safeguard data or defamation; and other benefits including regular security-audit, post-incident public relations and investigative expenses, and criminal reward funds.
“Risks of this nature are typically excluded from traditional commercial general liability policies or at least are not specifically defined in traditional insurance products. Most people believe that only large-scale industries, such as banks only need cybersecurity insurance.
“However, any electronic information such as your name, email, contact number, financial records, medical records, payment information, government documentation, etc., stored in your personal devices can be easily and quickly hacked by a genius hacker,” he explained.
“Cyber-insurance is a speciality lines insurance product intended to protect businesses, and individuals providing services for such businesses, from Internet-based risks, and more generally from risks relating to information technology infrastructure, information privacy, information governance liability, and activities related thereto,” he pointed out.