Technology

First cybersecurity insurance for SMEs launched in PH

As more businesses embrace digital transformation and remote work becomes the new normal, investing in cybersecurity is more important than ever. Recognizing this, insurance technology (insurtech) startup Saphron has launched the first cybersecurity insurance for SMEs in the Philippines.

As more businesses embrace digital transformation and remote work becomes the new normal, investing in cybersecurity is more important than ever. Recognizing this, insurance technology (insurtech) startup Saphron has launched the first cybersecurity insurance for SMEs in the Philippines.

The insurtech startup’s newest offering is called Cyber Insurance and Breach Response for SMEs, or CYBRIS for short. CYBRIS is a cybersecurity insurance policy that protects a business from financial losses arising from a data breach or a cyber attack.

Protecting SMEs

“In this day and age, it’s almost impossible to say that you’re in business but you don’t utilize technology. No matter what sort of business you’re in, it’s very unlikely that you will not come across data or information about the client. And there is an insurance policy [to protect] that,” said Saphron CEO Lorenzo Chan Jr. said in a press statement.

Chan made these remarks in a webinar held by the Department of Information and Communications Technology Field Operation Office for Regions VII and VIII.

Why did Saphron decide to launch the first cybersecurity insurance for SMEs in the Philippines?

SMEs are the backbone of the Philippine economy. Around 99.6% of businesses in the country are SMEs, employing 66% of the workforce. Small business owners, however, are the most vulnerable to cyber threats. A 2018 study by GoDaddy revealed that 50 percent of small businesses in the Philippines experienced financial losses due to hacking, one of the most common types of cyber attacks.

Research from CyberScout, a multinational provider of cybersecurity solutions, shows that even small businesses that only have one or two servers for their digital operations can lose anywhere from Php250,000 to Php750,000 from a data breach.

“SMEs are not comparable to conglomerates or enterprises, because they don’t have the budget or expenses for high-tech [cybersecurity solutions],” said Andrew Hong, Regional Director for Asia-Pacific at CyberScout. “When [cyber threats] hit them, they will hit them very deep.”

Making insurance accessible

As it was made for SMEs, CYBRIS offers its policies for as low as Php7,500 to Php14,500 a year. This is around the same amount as, or even lower than, car insurance.

In turn, the policy will cover up to Php2.5 million worth of financial losses arising from a data breach, which includes privacy breach liabilities, security breach liabilities, regulatory penalties, and payment card industry fines. CYBRIS also provides support for processing ransomware attacks, which according to CyberScout can cost around Php50,000 to Php150,000.

On top of this financial coverage, a CYBRIS policy also comes with 24/7 rapid breach response service from CyberScout, which has a wide network of industry and legal experts who are able to guide businesses when it comes to data breach incidents. CyberScout also helps entrepreneurs navigate through uncertainties in their digital operations and ensure that they are following the best practices in cybersecurity.

“We help SMEs facilitate the entire [breach response] process,” Hong said.

Securing your business

For Leandro Aguirre, Deputy Privacy Commissioner at the National Privacy Commission (NPC), products like CYBRIS have a two-fold benefit. Not only does CYBRIS enable SME owners to grow in the digital economy, but also it makes them take the threat of cyber attacks more seriously.

“[CYBRIS] is something that hopefully will help SMEs who may not have the necessary resources or who may not even prioritize cybersecurity or data privacy,” he said.

“Something like this will put it forward, make them think about it more, and it will help them take the necessary steps to comply with the regulations of the NPC. I look at this as some kind of multiplier effect with what we’re trying to do with the Commission. It makes them more aware of what they need to comply, and that also helps us.”