It’s no secret that cybercrime is increasing across Australia, and its risks to businesses are significant, with the ASD Cyber Threat Report 2022-2023, showing nearly 94,000 reports were made to law enforcement through ReportCyber, the Australian Government’s online cybercrime reporting tool.
And, according to The University of New South Wales cyber-attacks are estimated to cost Australia’s economy about 42 billion a year.
With these statistics, cybercrime is a very real threat to businesses in today’s tech-driven world.
Protecting your business against cybercrime
Cyber insurance is a product that aims to respond to these increasing risks and can generally be divided into two policy types. The first is Cyber Crime Insurance, or a Cyber Crime Policy Extension, which seeks to cover financial losses due to a cybercrime event. This type of policy responds only to the actual financial loss incurred, and does not provide cover for associated costs.
The second type of policy is a Cyber Liability and Privacy Protection Insurance policy, which can provide protection for managing the impact of a cyber event or a breach of privacy, which depending on the wording of the policy, could include the cost of recovering data, business interruption costs, fines and penalties and third-party costs. The 2022 Optus data breach is a well-publicised example of this type of cybercrime.
The financial response to a cybercrime event can be significant for small and medium-sized businesses, and can include loss of income, legal fees, and IT expenses. It is worth noting that traditional lines of insurance may not cover cyber risks, with many expressly excluding or limiting how they will respond to cybercrimes.
Managing reputational damage
It’s not only financial risk that cyber insurance can address, reputational damage following a data breach or a cyber-attack that affects consumers can devastate a business. Some cyber insurance policies can provide public relations and crisis management support to help businesses respond to a cyber-attack and minimise the damage to their reputation.
Cybercrime reporting requirements
There are also reporting requirements, which means it is compulsory for qualifying businesses to notify a cyber breach to all affected parties, as well as the Australian Privacy Commissioner. This legislation applies to all Australian Government agencies, businesses and not-for-profit organisations with an annual turnover of $3 million or more, providers of health services, credit reporting agencies, and TFN recipients, among others. Having a team manage these reporting requirements could be one benefit of your policy.
Ongoing risk management support
An additional benefit of cyber insurance is that it can provide risk management support. This can consist of vulnerability assessments and employee training, to help businesses strengthen their defences against cyber criminals in the first place.
As we remain more connected than ever, cyber insurance is becoming an essential aspect of risk management for Australian businesses. Cyber insurance policies can provide financial protection, risk management support, and crisis management assistance to companies in the event of a cyber-attack.
Connect with one of our brokers today to discuss how cyber insurance could protect your business from the growing threat of cyber-attacks.
Aviso Broking Pty Ltd – ABN 44 010 468 818 – AFSL 239041
Disclaimer:
This general information does not take into account your specific objectives, financial situation, or needs. It is also not financial advice, nor complete, so please contact us to discuss whether these types of insurance are appropriate for you. These types of insurance are issued by various insurers and can differ. Coverage is always subject to the policy terms and conditions. Deductibles, exclusions, and limits apply Copies of Product Disclosure Statements/Policy Wordings can be provided upon request and should be considered before deciding if this insurance is right for your business.