Advertise Here


IconAssociations & Institutes
IconBBBEE Consulting and Verification Agencies
IconBenefit Administrators & Investment Managers
IconBusiness Chambers
IconBusiness Process Management
IconBusiness Process Outsourcing
IconConsumer Protection
IconCorporate Governance
IconCredit Bureaus
IconDebit Order Collection Facilities
IconEducation and Training
IconHuman Resources
IconInformation Technology and Software Partners
IconPension Fund Trustee Liability Insurance
IconPension Fund Trustee Training
IconPension Funds Adjudicator
IconPolicy Administration
IconPolicy Trading
IconRegulatory Authorities
IconRetirement Funds registered by the FSB
IconRetirement Products
IconSocial Grants (Government)
IconSurveys and Research
IconTraining Courses & Workshops
IconTrust Establishment & Management
IconWellness Programs
  Subscribe To »

Cyber Risk Implications of the Coronavirus Outbreak






The outbreak of COVID-19 has caused significant disruption to businesses and a degree of panic within the employee community. Companies across the globe are activating contingency and business continuity plans and are allowing employees to work from home to limit the spread of the virus. In a new reality where millions of people are working remotely, secure networks are now more critical than ever, according to Aon.


Zamani Ngidi, Cyber Solutions Client Manager at Aon South Africa outlines the practical steps organisations can take to remain cyber resilient amid the crisis. 


“Concern about the spread of the Coronavirus has triggered the largest “work-from-home” mobilisation in history.  The Coronavirus outbreak is highlighting the risk resilience, or lack thereof, of organisations. Not only as far as restrictions implemented from the Presidency are concerned, but also from a sustainability perspective and what that constitutes in a world where global economic activity is impacted,” says Zamani.


“Covid-19 will fundamentally change the way we conduct business in future in respect of mobile and remote working, and this has significant cyber risk implications.  Organisations will need to increase reliance on technology in order to navigate a business environment that is globally restricted in terms of physical movement and presence.  The ability of employees to work from home (connectivity) will become more pronounced, and when coupled with possible disruptions from load shedding, creates a unique set of risks for South Africa. 


“At the very least, organisations will need to reassess internal IT policies, crystalising risk mitigation efforts and re-assessing risk transfer programmes, arising from the dramatically increased reliance on technology for remote work forces,” says Zamani.


To remain operational and secure, Aon recommends that companies take the following steps:

  • Defend Against the Phishing Wave

Malicious actors will leverage the intense focus placed on the virus and the fear and panic it creates. Security researchers have already observed phishing emails posing as alerts regarding COVID-19. These emails will typically contain attachments which purport to offer information about the outbreak or updates on how recipients may stay safe. In an environment where people are stressed and hungry for more information, there is a lack of commitment to security best practices.


This is the time for organisations to remind employees of the need for vigilance and the dangers of opening attachments and links from untrusted sources. Running a simulated spear phishing campaign can also demonstrate the level of resilience to these attacks. At a more technical level, up-to-date antivirus and monitoring tools can limit the effectiveness of these attacks.


  • Test System Preparedness

Organisations will be experiencing an unprecedented amount of traffic accessing the network remotely. Companies with an agile workforce have been preparing for this contingency for some time and will be well-equipped to maintain network integrity through the use of sophisticated virtual private networks (VPNs) and multi-factor authentication. Enterprise security teams are recommended to increase monitoring for attacker activities deriving from work-from-home users, as employees’ personal computers are a weak point that attackers will leverage in order to gain access to corporate resources.


For those less prepared, COVID-19 presents a challenge. There is a risk that the increased volume of network traffic will place a strain on IT systems and personnel, in addition to employees accessing sensitive data and systems via unsecure networks or devices. We recommend that these organisations migrate as quickly as possible to remote working and Bring-Your-Own-Device (BYOD) standards. VPNs should be patched regularly (for example, a vulnerability in the Pulse Secure VPN was patched in April 2019 but companies which failed to update were falling victim to ransomware in December) and networks should be load-tested to ensure that the increased traffic can be handled.


  • Brace for Disruption

A remote workforce can make it more difficult for IT staff to monitor and contain threats to network security. In an office environment, when a threat is detected, IT can immediately quarantine the device, disconnecting the endpoint (i.e. the compromised computer) from the corporate network while conducting investigations. Where users are working remotely, organisations should ensure that, to the extent possible, IT and Security colleagues are readily contactable and ideally able to physically address a compromise at its source. Sophisticated endpoint detection and response (EDR) software can also be used to quarantine workstations remotely, limiting the potential for malicious actors to move through the network.


As this risk moves beyond the technical, companies should adopt an enterprise risk approach. This can include rehearsing business continuity plans (BCP) and senior management response through tabletop crisis simulations that focus on cyber scenarios as well as how pandemics and other similarly disruptive events are likely to impact upon automation, connectivity and cyber resilience.


Companies can also safeguard against the increased risk of disruption through a robust cyber insurance policy which, in the event of a digital disruption to systems, can provide cover for business interruption losses, as well as the costs of engaging forensic experts to investigate and remediate a breach.


“COVID-19 presents many challenges to businesses across the entire globe but developments in technology means companies can remain operational and nimble in the face of uncertainty. Keeping a finger on the pulse of the pervasive cyber threats in the midst of this crisis is critical to ensuring that the increased reliance on connectivity and technology don’t scupper productivity any further,” concludes Zamani. 

« Back to previous page Print this page » |

Breaking News »

Insurance and Risk in a Post-Covid Economy

Certain insurance classes will take a hit while others will have time to recover, consumer behaviour will radically change the rules of engagement for insurers and brokers, and accelerate digital transformation   Nothing ...
Read More »


COVID-19 Swings the Spotlight Back onto Emerging Countries’ Debt

While the focus so far has been mainly on China, Europe and the United States, the consequences of the COVID-19 pandemic are likely to be even more severe for emerging economies, says International credit insurer, ...
Read More »


Coronavirus impact on shipping industry: idle vessels face new risks, Allianz warns

Increasing disruption and economic pressures caused by the pandemic also has serious risk management implications for the maritime community and insurers alike. Covid-19 pandemic makes it difficult to relieve crews, ...
Read More »


Coronavirus: Fighting the rise in cyber criminals from the home office

With many people working remotely because of the coronavirus outbreak, the number of cyber incidents is increasing as hackers, scammers and spammers look to exploit vulnerabilities in an attempt to steal valuable ...
Read More »


More News »


Healthcare »


Investment »


Life »


Short-term »

Advertise Here
Advertise Here

From The Glossary »


Cell Captive Insurer:

An insurer that is structured with separate cells. Each cell, through a shareholders’ agreement, is separate and independent from the other cells in the insurer. The assets allocated to each cell may be used only to settle liabilities incurred by such cell and thus should not be attached by the creditors of the other cells. Positive returns on the net assets in the cell and on insurance business introduced by the cell owner to the insurer are attributable ...
More Definitions »






Contact IG


Media Pack


RSS Feeds

By using this website you agree to the Terms of Use.
Copyright © Insurance Gateway (Pty) Ltd 2004 - 2020. All Rights Reserved.