Cyber Insurance

The cyber threat to Australian businesses is one of the most underestimated risks facing the industry. If a business is connected to the Internet, it is exposed to the threat of cyber events. Businesses risk facing financial losses, damage to reputation, loss of intellectual property and disruption to business activities.

 

Ponemon Institute’s 2014 Cost of Cyber Crime Study found that the average time to resolve a cyber attack was 23 days, this increases to 50 days if the attack was an inside job. This resulted in 60% of businesses who experienced a cyber attack going out of business within 6 months of the incident.

 

Our Cyber Event Insurance policy comes with a 24/7 expert response service to minimise loss in the instance of a cyber event and aim to get your business back on track as soon as possible.

What constitutes a Cyber Event?

Point of Sale (POS) intrusions

Where retail transactions are conducted, specifically where credit card purchases are made. 85% of POS intrusions take weeks to be discovered.

High Exposure Industries  

• Retail Sector
• Food Services
• Accommodation

Cyber Extortion

Crime involving an attack or threat against your IT infrastructure, couple with demand for money to stop the attack.

High Exposure Industries  
• Professional services
• Administration
• Public Sector

Miscellaneous Errors

People make mistakes, some of which can compromise security. Including accidently posting private data to a public site, sending information to the wrong recipient or failing to dispose of documents securely.

High Exposure Industries  
• Public Sector
• Administration
• Healthcare & Education

Cyber Espionage

Unauthorised network or system access linked to state affiliated attackers breach an organisation.

High Exposure Industries  
• Professional Services
• Manufacturing
• Government & Military

Denial of Service

Attackers use ‘botnets’ of PCs and powerful servers to overwhelm an organisation’s systems and applications with malicious traffic, causing normal business operations to grind to a halt. Intended to compromise the availability of networks and systems.

High Exposure Industries  
• Online Retailers
• Finance
• Public Sector

Physical Theft & Loss

The loss or theft of laptops, USB drives or printed papers, mostly from offices but also from vehicles and homes. 43% of theft/loss happened at work.

High Exposure Industries  
• Healthcare
• Mining
• Public Sector

Insider & Privilege Misuse

Any unapproved or malicious use of an organisation’s resources. Due to the human nature of this event, even the best Anti Virus protection cannot stop this event.

High Exposure Industries  
• Real Estate
• Public Sector
• Financial Institutions

Web App Attacks

When attackers use stolen credentials or exploit vulnerabilities in web applications such as content management systems or e-commerce platforms.

High Exposure Industries  
• Information
• Utilities
• Retail

Payment Card Skimmers

Where a skimming device is physically implanted on an asset such as an ATM or POS terminal, to read your card data as you pay.

High Exposure Industries  
• Retail
• Hospitality
• Finance

Crimeware

Is a broad category covering any use of malware to compromise systems such as servers and desktop. The primary goal is to gain control of systems to steal credentials.

High Exposure Industries  
• Public Sector
• Information
• Utilities

CRM Brokers can arrange a policy to provide cover in 4 ways…

Cover: Losses to your business

 

What is covered: Costs and revenue replacement cover

 

Example: • Business Interruption • Cyber investigation expenses

Cover: Loss to others

 

What is covered: Sums payable, inc. regulatory fines, penalties and defence costs

 

Example: • Breach of privacy laws  • Fines and penalties

Cover: Cyber Event response costs

 

What is covered: Costs incurred through event response and management services 

 

Example: • Credit and identity monitoring  • Customer notification costs  • Data restoration and securing costs  • Cyber extortion costs  • Virus extraction

Cover: Contingent business interruption

 

What is covered: Costs and revenue replacement if external supplier suffers a Cyber Event

 

Example: • Business Interruption

Data breaches occur every day. While hacking incidents are the most recognisable and expensive cause of data loss, they are not the most common. It’s a startling fact – simple human error accounts for almost one in three incidents.

The root causes of data breaches in Australia
43%

Malicious or Criminal cyber attacks

30%

Human Error including employee/contractor negligence and lost laptops

26%

System Glitches that expose private files

Source: 2015 Cost of Data Breach Study: Australia Ponemon Institute

No matter the sophistication of the security system, there is little that can be done to eliminate the risk of human error. A common, accidental breach is a real business risk worth considering today.

 

Click here to fill out a Cyber Insurance Proposal form (Turnover below $10m)

Click here to fill out a Cyber Insurance Proposal form. (Turnover above $10m)

 

Insurance is just one way of protecting your business from cyber events, however there are a range of defence mechanisms can be applied to lessen the chances of having a cyber event. This is where our partnership with Stay Smart Online comes in.

Partnership with Stay Smart Online

CRM Brokers are proud partners of Stay Smart Online, an Australian Government initiative designed to help everyone understand the risks and simple steps we can take to protect our personal and financial information online.

 

Stay Smart Online have developed a Small Business Guide: “Protecting your business in 5 minutes”, to help you put in place some basic online security practices. The Guide can be downloaded here and will provide you with the basics on how to protect the information entrusted to you by your customers and suppliers.

 

Stay Smart Online also provide a free Alert Service to explain recent online threats and how they can be managed. Small business users are provided with easy to understand online safety and security information and solutions to help protect their online safety a privacy.

 

Sign up to the Alert Service

For more information

Small Business Guide: Protecting your business in 5 minutes

Stay Smart Online have developed this guide, to help you put in place some basic online security practices. The Guide can be downloaded here and will provide you with the basics on how to protect the information entrusted to you by your customers and suppliers.

Cyber Risks on Directors and Officers

To find out more about Cyber Risks on Directors and Officers, click on the brochure. The article focuses on some of the potential implications for company directors around Cyber Crime and data breaches and provide a risk management checklist for both boards and directors. This publication was co-authored by DLA Piper Solicitors, Nitesh Patel and Ewen Hollingsworth.