Cybercrime insurance in South Africa remains scarce despite soaring data breach costs

 ·22 Apr 2024

The average cost of a data breach for companies worldwide has increased by 15% to $4.45 million (R84.9 million) in the past three years.

This is according to recent research by Santam, which outlined that despite the hefty impact of data breaches on companies, only around 26% of commercial respondents indicated that they have cybercrime cover in place.


A data breach is an event in which confidential, protected, or sensitive information is accessed, disclosed, or stolen without permission. This typically involves cybercrime, where an unauthorised individual/s illegally enters a computer or IT system either to steal information or to insert harmful software.

Such breaches can result in things like loss of personal information which could lead to identity theft, substantial financial losses, or the loss of commercially sensitive information.

According to the 2023 Cost of a Data Breach Report by IBM Security, there has been a 73% increase in data breaches in South Africa since 2015. On average, it costs companies R2750 to recover each file that has been breached.

The study

Santam’s research found that that large commercial and corporate respondents led the way in taking up cybercrime insurance, at 44% and 28% respectively.

Although many small and medium enterprises (SMEs) outlined that they were wary of the numerous risks, Chief Underwriting Officer at Santam, Thabo Twalo, said that there was a strong perception that “it would never happen to them”.

“This is particularly concerning as South Africa has been identified as a hotspot for crimes such as identity theft, data breaches, malware and phishing scams,” said Twalo.

“Although attacks on large corporations may make the headlines, it’s the frequent attacks on smaller businesses that is more concerning. The 2022 SHA Risk Review found that one in three SMEs had been victim of a cyber-attack,” he added.

Santam warns that SMEs in South Africa are at higher risk of cybercrime due to inadequate protection.

What could businesses do to cover themselves

Santam said that the work-from-home trend has compounded risks.

“Security measures could include providing work-issued computers to employees working remotely and ensuring they are used only for work-related tasks and installing anti-malware protection to detect threats,” while requiring employees to have routers with built-in firewalls while changing passwords often, said Twalo.

Twalo says that even though they do not think it could happen to them, SMEs should have “adequate insurance in place to protect the business from this growing threat.”

He recommends that business owners have a policy in place that provides cover in the following areas:  

  • Data breach and restoration – After a breach, the business may be liable for damages to third parties. This extension covers legal defence costs and damages if the case is unsuccessfully defended.
  • Third-party liability – Provides cover against claims made against the business by clients or agents who experience a cyber-attack on its system.
  • Business interruption – Designed to assist SMEs get back on track after a breach.
  • Cyber extortion and cybercrime – Helps “get businesses running as soon as possible after a cyber-attack” and manages the financial implications of a ransomware attack.

It has also been recommended to enhance cyber-security awareness among employees, minimizing the unnecessary sharing of information, and steering clear of complacency in data management for SMEs.

Other precautionary measures given in the IBM Report include:

  • Build security into every stage of software development and deployment—and test regularly;
  • Modernise data protection across hybrid cloud;
  • Use security AI and automation to increase speed and accuracy;
  • Strengthen resiliency by knowing your attack surface and practicing incident response.

Read: Cost of data breaches for companies in South Africa

Show comments
Subscribe to our daily newsletter