The sharp rise in cyber breaches by 943.01 percent between October to December 2023 paints a new ‘normal’ for businesses of all sizes in Kenya that must contend with to affirm business continuity.
According to the 32nd edition of the Cybersecurity Report by the Communications Authority of Kenya, the mind-boggling surge includes sophisticated malwares and social engineering scams that target corporate IT systems by duping employees to share their logins and passwords online.
Cybercriminals are constantly evolving their tactics that have enabled them to siphon cash from would-be victims inflicting devastating financial losses on unsuspecting companies. This growing threat has made a strong case for cybersecurity or cyber insurance, which offers a critical safety net for operating in this environment.
And online presence being a key lifeline for every company and government entity, every entity has no options but to maintain active online through their websites, software applications for both their internal and external customers.
Cyber insurance goes beyond traditional firewalls, providing businesses with financial protection against cyberattack-related costs.
This includes covering expenses related to data recovery, forensic investigations, legal fees, and even credit monitoring for affected customers.
Looking at the devastating impact that cybersecurity has on businesses, insurance is a worthy investment.
In 2022, for example, a new report released by global cybersecurity firm Trend Micro shows Kenya’s losses to cyber criminals reached Sh3.6 billion ($36 million), compared to Nigeria and South Africa where they are nearly tenfold at Sh50 billion ($500 million) and Sh57 billion ($570 million), respectively.
While cybercrime is now a grim reality, Kenya still lags in cyber insurance product development with the main challenge being a severe deficit of cybersecurity expertise. Kenya has a paltry 2,000 personnel mainly working for private firms compared to the current demand of between 40,000 to 50,000. The situation calls for urgent mitigation with each sector defining its cybersecurity needs.
For the insurance industry, the rigorous underwriting process and financial capacity needed to support it has become a key hindrance affecting most insurance companies’ ability to develop new products. To circumvent the challenges, insurance companies must adopt new technologies such as machine learning, artificial intelligence and data analytics to generate new solutions for a myriad of challenges being witnessed.
As we move along in technological advancement, a cyberattack is no longer a matter of “if” but “when” it will occur. That is why all businesses need to secure a cyber insurance policy to be cyber-ready. For all stakeholders in the sector, a challenge lies ahead on how to make the product readily available, affordable and tailored to the needs of those who need it.
The writer is the Group Managing Director of Kenya Reinsurance Corporation.
