What is Cyber Insurance? 

During the 2020-21 financial year, the Australian Cyber Security Centre (ACSC) observed self-reported losses from cybercrime in Australia totalling a staggering $33 billion. Most businesses rely on technology to some extent, which means they’re exposed to increasingly sophisticated cybercriminals. According to the ACSC, an average of 164 cybercrime reports are made by Australians every day – that's about one report every 10 minutes.  

Cyber Insurance covers the physical loss or damage to information, IT systems and networks. It can also cover loss of profits to be business, caused by the introduction of malware, extortion or hacking, as well as management of the incident itself. 

Why is Cyber Insurance important?

Businesses must have guards against hackers and other types of cyber breaches. What’s more, because of stricter data privacy laws, they’re increasingly required to ensure personal information is secure. A breach will be investigated and require costly actions, including contacting hundreds or thousands of customers. There’s also the potential for hefty fines and penalties.

It’s easier to buy an insurance cover that protects your main cyber-related risks of damage to your systems and recovery, rather than trying to find specialist consultants to rebuild systems and keep the business operating. Cyber Insurance policies also generally include significant support with managing the incident, which can be essential when faced with reputational damage or regulatory enforcement.

What does Cyber Insurance cover?

There is a wide range of Cyber Insurance available. While all policies cover liability to third parties for passing on viruses, some also cover damage to your own networks. 

Additional sections that we recommend considering include:

• incident response – specialists to identify the issue and repair
• lost income and additional costs related to the incident
• data recovery and restoration
• consumer notification costs and ongoing monitoring costs
• legal defence costs
• cyber extortion management and fees
• crisis and PR management of the incident
• management of communications with regulators. 

Managing cyber risks to your business

Cyber Insurance is a key part of your management of cyber incidents and attacks. Many resources are available to help minimise the likelihood of a successful attack, including the Australian Cyber Security Centre. 

The top 3 things that you can do easily are:

1. Update your devices to protect information.
2. Set up multi-factor authentication for logging on.
3. Back up your data real-time at least daily.

Explore your insurance options today. Talk to your professional insurance and risk adviser and get the best cover for you and your risks.

Frequently Asked Questions

What is not covered by Cyber Insurance? 

Like any insurance, not everything is covered by your policy. Some common exclusions include:

• personal injury
• consumer redress funds, unless specifically covered
• loss of money or securities, unless specifically covered
• your intentional conduct or wrongful use of personal information 
• failure to take reasonable care in securing your IT systems

Is Cyber Insurance required in Australia? 

Cyber Insurance can help you to manage your business's financial risks. While it isn’t mandatory in Australia, it is expected that certain businesses have some level of cover in place – including critical industries, care, finances and utilities. Without insurance, you would be forced to pay out of your own pocket for repair, recovery, and remediation costs from a cyber incident or attack.
 

What are the main areas covered under Cyber Insurance?
 
Cyber Insurance typically helps you with expenses spent on five main areas: 

1. Third-party liability
2. Emergency response and business continuity assistance
3. Recovery of your data and IT systems
4. Business interruption due to interference to your systems
5. Loss to you from crime or fraud. 
    

Does Cyber Insurance cover data loss? 

Yes, Cyber Insurance covers your lost information and data, as well as any loss caused to your customers or suppliers if a virus is transferred. It also covers:

• notifying potentially affected customers of a data breach
• employing computer forensic experts to identify and restore data
• repairing damaged computer systems, both hardware and software, to enable the data and systems to operate.

What are the benefits of Cyber Insurance? 

Cyber insurance is a specialist insurance policy that provides cover against cyber incidents or attacks that aren’t covered by other insurance policies, such as professional indemnity, management liability, or business packs. This could potentially leave a gap in cover. A Cyber Insurance policy will pay for legal costs, crisis managers, and payment of credits and refunds to customers.