Dubai: Increasing threats to cybersecurity are now raising questions about whether individuals should go in for cyber insurance.
In what is an alarming trend, one in five people in the UAE admit they share sensitive data with people they don’t know well, even strangers, with little control over how the information will be used. The conclusion was made by Kaspersky Lab following a study of residents’ data sharing habits (See Lurking stranger danger).
As worries over identity thefts and the loss of digitally stored personal data due to hacking or an online breach heighten, XPRESS spoke to industry experts to find out what exactly is at stake and whether cyber insurance is an all-encompassing solution.
Cyber insurance, for those who may not know, is an insurance product that protects organisations and individual users from risks relating to information technology infrastructure and activities, besides the Internet.
“With a wide range of household products possessing Internet capabilities, the need for cyber protection for individuals has never been greater,” said Mohammed Basheer, IT security practice head at Dubai-based IT solutions and services consulting company ISYX Technologies.
He said cyber criminals are becoming more aggressive and their attacks more sophisticated. “From email scams and cyber bullying to identity theft and tax fraud, cyber threats to individuals are growing in size and complexity. It has become important for individuals to protect their data.”
He said individuals need to first assess the value of the information they would like to protect and the amount to be spent on insuring it. “The protection can extend to identity theft expenses, credit card fraud, forgery, wire transfer fraud, cyber extortion, cyber bullying, breach notification costs and legal expense reimbursement.”
But cyber coverages, experts concede, are yet to catch up among individuals in the region. As things stand, they are more prevalent at the organisational level. Pete Banham, cyber resilience expert at Mimecast, an international company specialising in cloud-based email management, said cyber insurance covers companies for claims that are usually outside their commercial general liability policies. “This can include protection against losses such as the destruction of data, extortion, theft, hacking and denial of service attacks. Additional related clean-up costs such as investigations, audits and public relations can also be covered.”
However, he cautioned that not all attacks are covered, so it’s important to check the extent of protection offered. “Successful attacks where employees are tricked into sending personal data or intellectual property are often less likely to be covered,” he noted.
Alok Ranjan, practice head, insurance at Tech Mahindra, said, “Before getting a cyber insurance, it is important to get the cyber risk assessed. There’s a proposal form which has details about the information, how it is stored and secured. Underwriters tend to price risk in terms of the repercussions of a breach, instead of just the value of the data.”
He said, “Cyber insurance is witnessing a growth of 10 per cent in MENA. The focus market is the UAE. There is a handful of carriers including Abu Dhabi National Insurance Company and AIG that offer cyber insurance. The trend is expected to grow.”
Banham said, “Many traditional insurers offer specialist cyber policies, including Lloyd’s, Hiscox, AIG and RSA. The premiums vary dramatically.”
Lurking stranger danger
Almost half - 48 per cent - of Internet users in the UAE make their information public, but once data has gone into the public domain, it can travel far beyond the control of its owners, a study by Kaspersky Lab has found.
The research shows that the majority of people in the UAE share personal information digitally, with 83 per cent making photos and videos of their children public and 56 per cent sharing private and sensitive videos and photos of others.
According to the study, one in five people admit they share sensitive data with people they don’t know well, and with strangers, limiting their ability to control how the information will be used. As a result, people are exposing themselves to identity theft or financial attack by sharing financial and payment details (53 per cent), scans of their passports, driving licences and other personal documents (71 per cent) or passwords (44 per cent).
The findings are part of Kaspersky Lab’s My Precious Data: Stranger Danger report on people’s data sharing habits. The research found that people are not just sharing data, they are also sharing devices that store their precious data.
In fact, 14 per cent of the UAE have shared the PIN for accessing their device with a stranger and one-in-four (26 per cent) have left their devices unlocked and unsupervised among a group of people. Nearly 35 per cent have given their device to another person to use for some time.
“Over-sharing personal data with people and companies is a really dangerous habit to get into,” says Andrei Mochola, head of consumer business at Kaspersky Lab. “In today’s online world, sharing information with others has never been easier and, in many ways, that’s what the Internet was created for. But by disclosing important and sensitive information with other people at the push of a button, you relinquish control over it, because you can’t be sure where that data is going, and how it will be used.”
The study shows young people are the most likely to share private and sensitive photos of themselves with others – 59 per cent of those aged 16-24 admit to this form of sharing, compared to 50 per cent of the 55-plus bracket. This pattern extends to financial information, with half of young people sharing their financial and payment details (51 per cent of 16-24 year olds) with others, compared to 33 per cent of 55+ year olds.
Have you been a victim of a cyber incident? Tell us your experience.
Write to us at:
Whatsapp: 056 508 9988