Sumati Mishra lost Rs 1.5 lakh after she shared the one-time password sent to her mobile phone to a lady claiming to be a bank employee. Sahil Kapoor lost Rs 3 lakh after he entered his bank account details on a fake website.
Unfortunately, these are not isolated incidents, but are instances of frauds, scams and cyber-attacks that are increasing by the day.
The digital age has brought with it new challenges, especially related to cybersecurity. In order to protect companies and customers from cyber attacks, insurers are offering the cyber liability insurance policy.
“In today’s interconnected world, it is imperative for companies to have adequate security and data protection measures and top that protection through a cyber liability insurance policy,” says M Ravichandran, president – insurance, TATA AIG General Insurance.
“An insurance cover for cyber crimes is quite common internationally,” says K G Krishnamoorthy Rao, MD and CEO, Future Generali India Insurance, which will shortly be introducing an insurance policy for cyber crimes in particular.
As of now, the cyber liability insurance policy is not a very popular policy in India and companies have been opting for a general insurance policy until now.
But given the rise in incidents of security breach in India, soon it will be a necessity.
According to a survey by global consultancy firm PwC along with CIO and CSO, the average number of information security incidents detected by respondents increased by 117% over the previous year, up from 2,895 last year to 6,284 this year.
Further, the losses as a result of incidents of cybersecurity surged by 135% over the previous year, and the average cost per incident increased by close to 8%, added the report.
In order to ensure safety of their systems, banks and financial companies have to invest in latest technologies.
“We have made significant investments in the state-of-the-art security technologies including high grade encryption, multi-factor authentication (including voice biometrics), secure coding platforms, data leakage prevention systems and digital rights management solution in order to safeguard the customer data,” says an ICICI Bank spokesperson.
Interestingly, even insurers, hotels, hospitals, automobile companies are on the hit-list of fraudsters and hackers as they have critical information of people such as their financials, and even their medical conditions (if any) on multiple servers around the world.
“No less than any bank, these databases are virtual repository of all details about consumers and are virtual goldmines for the likes of hackers, phishers and identity thieves,” says Ravichandran.
Companies are taking several steps to safeguard the crucial client information. “We have been investing heavily in building up controls and safety of sensitive data.
There are numerous checks and balances at IT, wherein the data is identified by the information security and risk control team of the company,” explains Suresh Agarwal, Sr EVP & chief distribution officer, Kotak Life Insurance.
While companies do their best to prevent frauds and data theft, at times, the customer proves to be the weakest link.
This can be avoided if customers take adequate precautions. “Customers should ensure that they are using only secure sites for making payments. Plus, they should change their passwords regularly,” advises Rao.
Banks have been advising their clients not to part with sensitive and personal information.
Agarwal cautions customers against “any unreasonable offers or gifts that are offered on telephones or by unauthorised agents who have no identification of the company.”
In order to ensure an early resolution of your troubles, if you happen to fall prey to any phishing or spear phishing scam, check if your bank has a cyber-liability cover.
The advantages of a cyber liability insurance is that the insurance policy allows the company to take immediate action on breaches.
“The network security cover provides cover for damages and defence costs resulting from denial of service, virus attacks, physical theft, wrongful misappropriation regarding third party data and the very leak of such data by the employee, which aid speedy litigation and in turn lead to swifter justice.
Policy also extends coverage for monitoring the stolen confidential personal information through credit monitoring services, and notification expenses for notifying the data subjects affected with a security breach,” says Ravichandran.