Business insurance should include IT risks

Most companies neglect to manage their exposure to natural disasters, emergencies, and service disruption, according to insurance data research.

Business continuity management and emergency response could determine the survival or closure of a business, writes Karin de Kock of PSG Konsult short term insurance.

“It is a natural human tendency to believe that ‘it would not happen to us’. Brokers often have to assess and rate insurance clients’ exposure to emergencies.”

Obvious risks include storm, fire, flood, lightning, death of a key staff member, fraud, data loss, incidents, and legal claims. Most organisations are subject to unique risk profiles.

The quality of contingency and business continuity plans could determine sustainability. Organisations have to recover as quickly as possible to limit loss of trading time and income.

Appropriate insurance cover could save an organisation, and good enterprise risk management could save the organisation and the insurer time and money.

Cyber and IT risk insurance

“Businesses usually consider natural disasters and traditional incidents, but new technology has brought with it a host of new equipment, data, skills and services to manage”, writes Karin de Kock.

Cyber insurance is a must-have, yet standard insurance policies do not yet specifically cover IT incidents or cyber loss.

New technology brings higher liabilities. Internet use implies more risk exposure, and cyber liability insurance has developed as a result.

IT risk management and insurance cover are essential to insure organisations against unauthorised access, destruction of data, theft, hackers, malicious code and breaches of information.

“We have to engage cyber risks proactively to minimise or prevent our potential losses. Companies, including insurance companies, have had to enhance their electronic processes to improve services, marketing, and availability to customers”, according to Karin de Kock.

ISO/IEC 27001 extract

Insurers have some in-house experience of cyber risk assessment and management. Risk managers specialising in IT and cyber risks could follow the global information security management system standard, ISO/IEC 27001.

The ISO 27001:2005 standard on information security is relevant to all forms of data, including documents, forms, minutes, memos, recordings, drawings and photographs.

PHOTO: Karin de Kock of PSG Konsult short term insurance advises IT users to educate employees on IT risk management.
