Don’t have time to read the fine print? Here’s what most insurers expect you to have sorted before they’ll cover you.

Tick these off—and if you’d rather not deal with it, just call Hackerstopped!

• Firewalls & Device Protection: Real security on every device and network, not just the cheap/free stuff.
• Regular, Automatic Backups: Offsite or in the cloud—and you’ve actually tested that they work.
• Strong Passwords + Multi Factor Authentication: No more “password123”. Use strong passwords and double-check login codes.
• Staff Training: Your people know what a phishing scam looks like (and have had actual training, not just a warning in a meeting).
• Incident Response Plan: You’ve got a step-by-step plan if something goes wrong. It’s written down, not just in someone’s head.
• Software Updates: All your devices and software are up to date, with proof—not “I think it’s updated”.
• Inventory List: You know exactly what computers, phones, and data you have and where they are.
• Data Privacy Compliance: You follow the basics of POPIA, and handle customer info safely.
• Regular Security Checks: You (or someone you trust) regularly check your security, and you actually fix any issues found.
• Third-Party Check: Your cloud providers and IT vendors are secure, and you’ve checked their credentials.
• Honest Paperwork: You can answer the insurer’s questions honestly, with documents to back it up.

What You Really Need to Qualify for Cyber Insurance in South Africa (Without the Headache)

Let’s be honest: most business owners don’t have the time, the patience, or the nerves to keep up with cyber threats. But ignoring them? That’s asking for trouble—especially with cybercrime on the rise in South Africa.

If you want your business to survive (and even thrive), cyber insurance can be a game-changer. But getting covered isn’t as simple as ticking a box. Insurers want to see that you’re actually protecting your business. Here’s what you really need to have in place before an insurer will take you seriously.

1. Basic Security Measures (The Non-Negotiables)

Before any insurer will talk to you, they’ll want to know that you’ve covered the basics. That means:

• Firewalls: Think of this as a digital gatekeeper for your business. It keeps unwanted visitors out of your computer systems.
• Antivirus & Device Protection: Not just the free stuff—proper security software on every laptop, desktop, and server.
• Wi-Fi Security: Your business Wi-Fi must be locked down with a strong password (not just “123456”) and proper encryption.

Sound confusing? We set all this up for our clients, so you don’t have to become an overnight IT expert.

2. Regular Backups (And Proof That They Work!)

If your business loses all its data to a hacker, can you get it back? Insurers will ask. You’ll need:

• Automatic backups of all important files, stored safely (not just on the same computer or in the office).
• Proof that you’ve tested restoring those backups—because if you can’t get your data back, those backups are pointless.

Don’t know how to check your backups? That’s our job. We’ll set them up and show you how they work, so you can sleep at night.

3. Password Protection and Double-Checking (MFA)

Still using easy passwords, or the same one for everything? Insurers expect better. They want to see:

• Strong, unique passwords for everyone in your business.
• Multi-Factor Authentication (MFA)—that’s the extra step after your password, like a code sent to your phone. It’s simple, and it works.

We’ll help your team get set up with passwords and MFA. No more sticky notes with passwords on the screen, promise.

4. Training Your Team

Here’s the truth: most cyberattacks start because someone clicks a dodgy link or opens a fake invoice. Insurers want proof that you’re:

• Training your staff regularly (at least once a year) on how to spot scams and suspicious emails.
• Keeping records of this training—because “we told everyone in the WhatsApp group” doesn’t count.

Not sure what to teach? We handle this with easy, no-nonsense training that actually sticks. No boring lectures.

5. Have a Game Plan for “When” Things Go Wrong

It’s not about if something happens, but when. Insurers want to see:

• A written incident response plan (fancy words for: “What do we do if we get hacked?”)
• A named person or team who’ll be in charge (don’t worry, this doesn’t have to be you)

We create these plans for our clients, so everyone knows what to do—no headless-chicken moments if something goes wrong.

6. Keep Everything Up to Date

You know those annoying software update reminders? They’re actually important. Insurers expect:

• All computers, phones, and systems updated regularly (no using old, unsupported programs)
• Proof that someone is checking and managing updates—“I think we’re up to date” won’t cut it

We automate updates for our clients, and keep a record, so you never have to worry if you’re covered.

7. Know What You’ve Got (Asset List)

Do you know every laptop, phone, and server your business owns? Insurers want:

• A simple list of your IT equipment and who uses what
• Details on where sensitive information is stored (on-site, cloud, laptops, etc.)

We’ll help you pull this list together. If you’ve lost track, you’re not alone—it happens!

8. Data Privacy and Compliance

South Africa has its own rules (POPIA) about how you handle people’s information. Insurers need to know:

• You have some sort of privacy policy and a way to protect customer details
• If you take card payments, your payment system meets industry standards

We know POPIA can be confusing. We help you stay compliant and avoid nasty surprises.

9. Check Your Defences (Testing)

Insurers are big on proof. They want:

• Regular security “health checks” (like vulnerability scans and testing your systems for weaknesses)
• That you actually fix problems found in these checks!

We handle regular checks and fix what needs fixing—no judgment, just action.

10. Vendor and Cloud Security

If you use third-party IT companies or cloud services (like Google, Microsoft, Dropbox), insurers want to see you’ve checked their security too.

We review your suppliers and set clear agreements to keep your data safe.

11. Paperwork and Honesty

Finally, insurers want:

• Clear, honest answers on their cyber insurance questionnaire. If you fib or guess, they’ll find out (and won’t pay out).
• Up-to-date documentation (we provide all the paperwork you need to show you’re secure).

So, What’s the Real Takeaway?

Cyber insurance is a fantastic safety net—but only if you’re doing your part. Most claims get denied because the basics weren’t in place, or someone thought, “It’ll never happen to me.”

Setting all this up can sound overwhelming, but you don’t have to do it yourself. That’s why Hackerstopped exists.

Hackerstopped: Your Cyber Insurance Wingman

We set up the right security, provide the training, keep the paperwork in order, and help you tick every box that insurers care about. No IT gobbledygook. No headaches. Just straight-talking support that keeps your business running and makes insurance a breeze.

Disclaimer: Hackerstopped is not a financial advisor or insurer. This information is here to help you understand what most insurers expect. For final insurance decisions, always talk to a licensed financial adviser or insurance broker.

Want peace of mind—and proof your business is ready for anything?

Let’s chat. We’ll do the heavy lifting, so you can get on with running your business.