$276,232 is the average cost for cyber incidents in Australia(i).
Regardless of how good your company IT systems are, there is no 100% guaranteed way to protect your data. A data breach can not only cause significant financial losses for your business, it can negatively impact your clients and customers, putting you in the legal firing line. In this day and age, Cyber Insurance is essential for all businesses.
A breach of your business systems has the potential to cause enormous damage to your bottom line and reputation. Stolen credit card numbers, financial reports, medical records, birth dates and the loss of sensitive personal data can leave your business unable to operate and exposed to litigation and / or fines and penalties.
Traditional insurance policies, such as Business Insurance and Liability Insurance, do not extend to cover the fallouts of a cyber-attack. Cyber Liability Insurance is designed to protect your business from the substantial financial losses associated with cyber-attacks, and should form a key component of your risk management strategy.
An increasingly common occurrence
Consider the following cyber-attack experienced by a small engineering firm:
The firm’s IT systems were overrun by a ransomware virus, causing their server to become completely encrypted and inoperable. The cyber-criminal demand a BITCOIN ransom equivalent to $10,000. The firm, discovering that there was no viable back-up of their data to restore, decided to pay the ransom. Once paid, the cyber-criminal provided a decryption code which restored their system.
The outcome: a total cost of $18,650, including the $10,000, was incurred by the company which included IT expenses to restore the system from scratch. (ii)
An important point to consider: while the cyber-criminal was true to their word, they were under no obligation to adhere to their promise and provide the decryption key once the ransom was paid, nor were they obligated to refrain from attacking the same engineering practice a second time to extort more money. After a ransom is paid, cyber criminals have been known to unlock data for 24 hours before again encrypting system data and demanding more money to re-enable access!
Across every industry
In October 2016, the Australian Red Cross had roughly 550,000 patient records leaked onto the web. These records contained personal data ranging from names and addresses to drug use and medical conditions. The breach was a combination of human error regarding the file location of patient records, and a hacker finding their way into the Red Cross’ public information server.
Irrespective of the size of your business, or your industry, companies that connect to the internet in ANY way are vulnerable to attacks which can severely impact their bottom line, their reputation, and see IT support costs fast spiral out of control.
How could it happen to you?
Cyber incidents can be the result of malicious attacks by cyber criminals, or the case of innocent errors by employees (iii).
- Web based hacking / attacks by cyber criminals
- Lost or stolen electronic devices either containing personal information or connected to your company's mainframe
- Unsecured disposal of papers containing personal or financial information i.e. failed to shred or utilise a security bin
- Internal or external hard drives disposed without information being adequately wiped or destroyed
- Employees accidentally releasing personal or financial information to the wrong person or without the employer's authorisation
- Employees mistakenly opening malicious emails which transmits a computer virus or gives hackers access to your system
How can Cyber Liability Insurance protect your business?
Cyber Liability Insurance is an essential insurance cover to hold within your Business Insurance program to provide a financial buffer should you fall victim to a cyber-attack.
- Financial compensation to recoup costs that result from a security breach – including business interruption, IT recovery costs and regulatory fines - which can amount to $1.7 million.
- Compensation for clients and customers who suffer financially or emotionally as a result of stolen data.
- Extends to include expenses for legal representation and costs that incorporate forensic and legal counsel.
- Covers the cost of professional consultants to assist in repairing damage to your company’s brand and reputation.
There are a wide range of suitable covers available for both small-medium enterprises and large organisations.
To obtain your Cyber Insurance quote, or to find out more about the implications of a cyber-attack on your business, please contact Whitbread's commercial insurance specialists on 1300 424 627 or firstname.lastname@example.org.
This insight article is not intended to be personal advice and you should not rely on it as a substitute for any form of personal advice. Please contact Whitbread Associates Pty Ltd ABN 69 005 490 228 Licence Number: 229092 trading as Whitbread Insurance Brokers for further information or refer to our website.
(i ) cgul.ink/cybercrimeausgovt
(ii) DUAL Claims Examples - Cyber & Privacy Protection
(iii) Office of the Australian Information Commission - Data Breach Notification Guide 2014