Evaluate your cyber risks

The menace has reached unimaginable heights; robbing people off their money as well as identity
Evaluate your cyber risks
"Though the cyber insurance product at the moment is at a nascent stage, the growing cyber attacks in the post pandemic world would necessitate a need to have a cyber insurance policy in near future." File/ GK

The Covid-19 pandemic accelerated major social, economic, political and technological changes. In fact, these changes are still taking place as the pandemic is yet to end.

In the financial sector, these virus-induced changes have resulted in innovation of financial products for the well-being of individuals, households and businesses.

When we look at the financial sector, we find a lot of innovation and customization of products rolled out by the insurance companies in line with the changes influenced by the ongoing pandemic.

Even as Covid-19 triggered an extraordinary health emergency, the productisation of insurance products to cover the infection was inevitable.

The insurers in line with the Insurance Regulatory and Development Authority of India (IRDAI) guidelines not only restructured the existing insurance products but also launched (and continue to launch) many new schemes covering the impact of the Covid-19.

From a business point of view, huge opportunities abound for insurance companies in the post-pandemic world. Individual and corporate awareness of risks to life, health, income and wealth has reached new heights. At the same time, the insurers need to step up their game in terms of narrowing the many protection gaps exposed by the virus.

Let me quote Tapan Singhel, MD & CEO, Bajaj Allianz General Insurance. “The uncertain year of the pandemic has pushed the health insurance awareness a notch up with customers opting for the standalone corona cover or going for a comprehensive health insurance cover too. With business losses, we also saw an increase in queries for property insurance which shows a healthy increase in the overall need for insurance.”

Health insurance no doubt has been the most bought insurance product during the pandemic, but there has also been a rise in demand for other insurance policies and covers. Notably, among others, the pandemic gave rise to an urgent need of a customised insurance scheme to protect the people from the loss owing to cyber attacks.

Precisely, an era of cyber protection insurance policies that include protection against cyberbullying and other cyber risks such as identity theft or extortion, has begun.

Though the cyber insurance product at the moment is at a nascent stage, the growing cyber attacks in the post pandemic world would necessitate a need to have a cyber insurance policy in near future.

If experts are to be believed, every major insurance company will be offering this product and will sell like hot cakes.

What is the Indian scenario of cyber insurance?

First of all, let’s understand that the wonders of the Internet have brought pleasure into the lives of people irrespective of their locations. But at the same time, it has exposed them to unimaginable risks of becoming a victim of social engineering.

In social engineering, the cyber fraudsters try to manipulate the victim into divulging sensitive information, like password, personal credit card information etc. Nearly all fraudsters bank on exploiting the trust and curiosity of the browser and steal his credentials which are enough to even bankrupt him.

In other words, in the world of the Internet, we are all at risk and at the same time we are also a risk to others. This kind of scenario is keeping everybody guessing as cyber frauds have become the order of the day. The risk of stealing credentials of the browsers is widespread which the fraudsters then use for everything from finance fraud to outright identity theft.

Now coming to the ongoing pandemic situation, where incidences of cyber attacks have been growing exponentially leaving people in loss. Reports of high profile data breaches have been pouring in continuously as the pandemic forced the individuals, businesses, offices and other establishments to bank upon online mode to execute their jobs. Reportedly, cyber risks have accelerated by as much as 500% since the first lockdown was imposed in India in March 2020. The IRDA in a circular has pointed out that there is an increase in coronavirus-themed spam, likely resulting in more infected personal computers and phones.

In other words, in the given environment, when even gullible people have been forced to take the Internet route to conduct their day to day activities, an element of risk involved in every online activity has heightened to alarming levels. For example, the way people use online services, be it storing credit card details on a retailer’s website, sharing sensitive personal data over unprotected networks, or using unencrypted websites, exposes them to huge risks.

As per the national cybersecurity agency The Computer Emergency Response Team of India (CERT-In), there has been an increase in the number of cyberattacks on personal computer networks and routers since professionals were asked to work from home in the wake of the covid-19 outbreak in the country.

Precisely, pandemic has accelerated the threat to cybersecurity for individuals as well as the enterprises owing to work from home model and an increase in dependency on technology. A rise in sophisticated cyber crimes has heightened vulnerability to cyber attacks.

What exactly is cyber insurance?

Cyber insurance product is an insurance policy which protects customers from online frauds. This cyber insurance covers individuals and businesses against digital theft or any kind of financial losses due to unauthorised online transactions. Precisely, the coverage will include protection against Identity theft, Cyber-bullying, Cyber extortion, Malware intrusion, Financial loss due to unauthorised and fraudulent use of bank account, credit card and mobile wallets, legal expenses arising out of any covered risk etc. There are policies which also cover threats such as reputation injury and loss of wages because of cyber frauds.

Remarkably, if someone loses wages that would have been otherwise earned, for the time necessarily taken off from work to rectify facts arising out of any covered risk can also be claimed under the cyber insurance policy. These policies also have an option to seek insurance cover to the entire family, including children.

What are the IRDAI guidelines regarding cyber insurance?

A few days back, Insurance Regulatory and Development Authority of India (IRDAI) has issued a guidance document on product structure for cyber insurance. The Insurance regulator has advised the general insurers who have already developed some cyber insurance products with exclusive coverage for individuals to protect against cyber perils and currently offering the products that mainly focused on commercial business, may review the product structure based on the coverages advocated in the document. The filing of such products may be undertaken at the earliest to respond to the needs of customers who are increasingly exposed to the cyber threat of digital services.

According to the regulator’s guidelines, losses and costs that will be normally covered under a cyber insurance policy can be split into four categories.

First party losses: These are direct financial loss, data loss, business interruption loss and mitigation losses. Regulatory action costs: Cost of regulatory action and investigation, civil fines and penalties, and defence costs.

Crisis management costs: Forensic expert costs, including security consultation, reputation damage costs, legal costs for matters including notification, coordination with service providers, and strategy, credit and identity theft monitoring costs, cyber extortion/ ransomware cover, operation of a 24x7 hotline, cyber stalking, counselling, information removal and pursuing action.

Liability claim costs: Legal liability/damages directly arising from privacy or data/ security breach, defamation, intellectual property rights (IPR) infringement and defence costs.

What are other precautions which one needs to take against cyber risks?

To remain safe from the cyber attacks, IRDAI has listed following dos and don’ts:

-Install an anti-virus and firewall on devicesUse a virtual private network

-Keep software and operating system updatedKeep hard-to-guess passwords or passphrases, password should have a minimum of 10 characters using uppercase letters, lowercase letters, numbers and special characters

-Keep different passwords for different accounts. If one password gets hacked, your other accounts are not compromised

-Use privacy settings on social media sites to restrict access to your personal informationPay attention to phishing traps in email and watch for tell-tale signs of a scam

-Destroy information properly when it is no longer neededBe aware of your surroundings when printing, copying, faxing or discussing sensitive information

-Lock your computer and mobile phone when not in use. This protects data from unauthorized access and use

-Remember that wireless is inherently insecure. Avoid using public Wi-Fi hotspots. Report all suspicious activity and cyber incidents

-Check if the website being visited is trusted. Be extra careful during festival season

-Always delete mail/ SMS from unknown sources.

-Don’t click on links from an unknown or untrusted source

-Don’t respond to fake phone calls or emails requesting for confidential data

-Don’t install unauthorized programs on your computer.

-Don’t leave devices unattended. Keep all mobile devices, such as laptops and cell phones physically secured.

Disclaimer: The views and opinions expressed in this article are the personal opinions of the author.

The facts, analysis, assumptions and perspective appearing in the article do not reflect the views of GK

Related Stories

No stories found.