What is Cyber Insurance?
Cyber Insurance covers the physical loss or damage to information, IT systems and networks. It can also cover the loss of profits to businesses caused by the introduction of malware, extortion or hacking. Insurance policies generally include significant assistance with and management of the incident itself, which can be essential when faced with reputational damage or regulatory enforcement.
Why is Cyber Insurance important?
During the 2020-21 financial year, the Australian Cyber Security Centre (ACSC) observed self-reported losses from cybercrime in Australia totalling a staggering $33 billion. Most businesses rely on technology to some extent and are increasingly exposed to increasingly sophisticated cyber criminals. In Australia, there is some type of cyber-related attack every 8 minutes, last year, attacks occurred on average every 10 minutes.
Businesses not only have guarded against hackers and other types of cyber breaches but because of stricter data privacy laws, companies are also increasingly required to ensure personal information is secure. A breach will be investigated and require costly actions, including contacting hundreds or thousands of customers. There’s also the potential for hefty fines and penalties.
Firstly, it’s easier to buy an insurance cover that protects your main cyber-related risks of damage to your systems and recovery rather than trying to find and pay specialist consultants to rebuild systems and keep the business operating. Secondly, Cyber insurance policies include significant assistance with and management of the incident itself, which can be essential when faced with reputational damage or regulatory enforcement.
What does Cyber Insurance cover?
There is a wide range of cyber insurance available. All cover liability to third parties for passing on viruses. Other policies cover damage to your own networks. Some additional sections that we recommend being considered include:
- Incident response – specialists to identify the issue and repair;
- Lost income and additional costs related to the incident;
- Data recovery and restoration;
- Consumer notification costs and ongoing monitoring costs;
- Legal defence costs;
- Cyber extortion management and fees;
- Crisis and PR management of the incident; and
- Management of communications with regulators.
Cyber insurance is a key part of your management of cyber incidents and attacks. There are lots of resources available to assist in minimising the likelihood of a successful attack, including the Australian Cyber Security Centre. The top 3 things that you can do easily are:
- Update your devices to protect information;
- Multi-factor authentication for logging on; and
- Back up your data in real-time or at least daily.
Explore your insurance options today. Talk to your professional insurance and risk adviser and get the best cover for you and your risks. Book an appointment with Insurance Advisernet today!
Frequently Asked Questions
- What is not covered by Cyber Insurance?
Like any insurance, not everything is covered. Some common exclusions include:
- personal injury;
- Consumer Redress funds, unless specifically covered;
- loss of money or securities, unless specifically covered;
- your intentional conduct or wrongful use of personal information or failure to take reasonable care in securing your IT systems.
- Is Cyber Insurance required in Australia?
While Cyber Insurance is not mandatory in Australia, it is expected that certain industries have some level of cover in place for critical industries, care, finances and utilities. Like many other types of insurance, cyber can help you to manage your business's financial risks. Without cybersecurity insurance, you would be forced to pay out of your own pocket for repair, recovery, and remediation costs from a cyber incident or attack.
- What are the five main areas covered under Cyber Liability?
Cyber Insurance typically helps you with expenses spent on the following:
- Third-party liability
- Emergency Response and Business Continuity assistance
- Recovery of your data and IT systems
- Business interruption due to interference to your systems; and
- Loss to you from crime or fraud.
- Does Cyber Insurance cover data loss?
Yes, Cyber Insurance covers your lost information and data, as well as any loss caused to your customers or suppliers if a virus is transferred. In addition:
- Notify potentially affected customers of a data breach
- Employing computer forensic experts to identify and restore data
- Repairing damaged computer systems, both hardware and software, to enable the data and systems to operate;
- What are the benefits of Cyber Insurance?
Cyber Insurance is a specialist insurance policy which provides cover against cyber incidents or attacks that are not covered by other insurance policies, such as professional indemnity, management liability or business packs. This could potentially leave a gap in cover. A cyber insurance policy will also pay for legal costs, crisis managers, and payment of credits and refunds to customers.