Businesses need firewalls and cybersecurity insurance policy as well

JavaScript is disabled!

Please enable JavaScript to read this content.

Kenya’s losses to cyber criminals reached Sh3.6 billion in 2022. [iStockphoto]

The sharp rise in cyber breaches by 943.01 per cent between October to December 2023 paints a new 'normal' for businesses of all sizes in Kenya that they must contend with.

According to the 32nd edition of the Cybersecurity Report by the Communication Authority of Kenya, the mind-boggling surge includes sophisticated malwares that target corporate IT systems and social engineering scams that penetrate corporate systems by duping employees to share their logins and passwords online.

Cybercriminals are constantly evolving their tactics, enabling them to siphon cash from would-be victims and inflicting devastating financial losses on unsuspecting companies. This growing threat has made a strong case for cybersecurity or cyber insurance which offers a critical safety net for operating in this environment.

Cyber insurance goes beyond traditional firewalls, providing businesses with financial protection against the costs associated with a cyberattack. This includes covering expenses related to data recovery, forensic investigations, legal fees, and even credit monitoring for affected customers.

Looking at the devastating impact that cybersecurity has on businesses, insurance is a worthy investment. In 2022 for example, a new report released by global cyber security firm Trend Micro shows Kenya’s losses to cyber criminals reached Sh3.6 billion (USD 36 million), compared to Nigeria and South Africa where they are nearly tenfold at Sh50 billion (USD 500 million) and Sh57 billion (USD 570 million) respectively.

Grim reality

While cybercrime is now a grim reality, Kenya still lags in cyber insurance product development with the main challenge being a severe deficit of cybersecurity expertise. Kenya has a paltry 2,000 personnel mainly working for private companies compared to the current demand of between 40,000 to 50,000. The situation calls for urgent mitigation with each sector defining its own cybersecurity needs.

For the insurance industry, the rigorous underwriting process and financial capacity needed to support it has become a key hindrance affecting most insurance companies' ability to develop new products. To circumvent the challenges, insurance companies must adopt new technologies such as machine learning, artificial intelligence and data analytics to generate new solutions for a myriad of challenges being witnessed.

This is being applied in different products such as parametric insurance, telematics insurance among others where insurers are now able to leverage on big data to predict potential risks, evaluate the impact of cyber threats, and develop new products that ensure the safety of their customers. 

A successful cyberattack exposes companies to imminent large financial losses as well as damage to their reputation that may dissuade future customers from seeking business with them.  

As we move along in technological advancement, a cyberattack is no longer a matter of "if" but "when" it will occur. That is why all businesses need to secure a cyber insurance policy to be cyber-ready. For all stakeholders in the sector, a challenge lies ahead on how to make the product readily available, affordable and tailored to the needs of those who need it.

 -Mr Maina is the Group Managing Director of Kenya Reinsurance Corporation