Advertise Here
Icon

Directory

IconActuaries
IconAssociations & Institutes
IconAuditors
IconBBBEE Consulting and Verification Agencies
IconBusiness Chambers
IconBusiness Process Management
IconBusiness Process Outsourcing
IconCall Centre Outsourcing & Sales
IconCompliance
IconConsumer Protection
IconCorporate Governance
IconCredit Bureaus
IconDebit Order Collection Facilities
IconEducation and Training
IconFAIS
IconHuman Resources
IconInformation Technology and Software Partners
IconLegal
IconLife Insurance Companies
IconLife Insurance Products
IconOmbud
IconOutbound Sales
IconPolicy Administration
IconPolicy Trading
IconPublications
IconRe-insurance Companies
IconRegulatory Authorities
IconSales and Sales Management
IconSocial Grants (Government)
IconSurveys and Research
IconTraining Courses & Workshops
IconWellness Programs
Image
  Subscribe To »

Cyber risk during COVID-19 outbreak

Published

2020

Thu

19

Mar

A common response by businesses to the spread of COVID-19 has been to implement measures that require social distancing and remote working. To ensure business continuity, some of these measures rely on the availability of technology like VPN access, as well as the use of online platforms to hold team meetings, client calls, vendor engagement, and even mediation proceedings. 

 

On 15 March 2020, it was reported that the US Department of Health and Human Services suffered a hack, which was apparently aimed at slowing down HHS computer systems during its response to the spread of COVID-19. Even though HHS reported that there was no actual exfiltration of data, it was subsequently discovered that false information was being circulated about a national quarantine. The false information campaigns were apparently linked to the hack.

 

Businesses are reminded to ensure that their computer systems are resistant to cyber threats and that employees’ cyber hygiene is prioritised. This is especially a risk for those businesses that are not used to remote working and relying on such technology, and whose inexperience may lead to them easily falling victim to a phishing attack.

 

Businesses should also ensure that they have appropriate measures in place to respond to a data breach should one occur. This is especially relevant to those businesses whose employees are working remotely. It can be challenging for forensic experts to implement mitigation steps when compromised devices and work stations may be off-site. Businesses are encouraged to speak to their IT teams and forensic experts to determine their response capabilities.

 

The existence of COVID-19 and the extraordinary governmental measures do not automatically excuse parties from taking measures to protect personal and confidential information.  Even though POPIA is not yet in force (and therefore there is no need to account formally to the Information Regulator till it is), companies have common law and possibly contractual obligations to secure information and must continue to protect their reputation in these challenging times. This is especially so when access to personal health information could expose individuals to significant harm. Companies must include cyber risk as part of their COVID-19 response plan and make sure that remote-working employees know what to do in a cyber-emergency.

 

Authors: Rosalind Lake, Director and Priyanka Naidoo, Associate Designate

 

 
« Back to previous page Print this page » |
 

Breaking News »

POPI BREACH COULD MEAN FINES OF UP TO R10 MILLION AND A 10-YEAR JAIL SENTENCE

Where to start for SA businesses?   09 July 2020: Parts of the long-awaited Protection of Personal Information Act 4 of 2013 came into force on 1 July 2020, and companies will have a period of one year ...
Read More »

  

POPI ACT IS NOW IN FORCE

FIVE STEPS TO ENSURE POPI COMPLIANCE FOR DIRECT MARKETING   07 July 2020: The Protection of Personal Information Act 4 of 2013 (POPI) has now come into effect and it is important that South Africa businesses ...
Read More »

  

POPI ACT - IMPLICATIONS FOR VARIOUS BUSINESS AREAS

02 July 2020: The long-awaited Protection of Personal Information Act 4 of 2013 comes into force on Wednesday 1 July 2020, and companies will have a period of one year to get their ducks in a row or risk substantial ...
Read More »

  

Lloyd’s presents solutions for global industry and government partnerships

Lloyd’s presents solutions for global industry and government partnerships to fast-track societal and economic COVID-19 recovery Open-source frameworks provide blueprint for better protecting society ...
Read More »

 

More News »

Image

Healthcare »

Image

Investment »

Image

Retirement »

Image

Short-term »

Advertise Here
Image
Image
Advertise Here

From The Glossary »

Icon

Financial Soundness:

This is a method of valuing policyholder liabilities which is basis of valuation (FSV) intended to give a conservative but realistic view of the overall financial position of a life insurer. It allows for premiums that will be received in future as well as future expected claims, interest rates, expenses and other relevant factors.
More Definitions »

 

Advertise

 

eZine

 

Contact IG

 

Media Pack

 

RSS Feeds

By using this website you agree to the Terms of Use.
Copyright © Insurance Gateway (Pty) Ltd 2004 - 2020. All Rights Reserved.