Friday, 6 Apr 2018
The recently released Accenture and The Ponemon Institute 2017 Cost of Cyber Crime Study (1) reported that cyber-crime in Australia has increased by over 25 percent in 2017, the second highest rate of countries surveyed.
In Australia, malicious insiders, phishing and social engineering are the costliest attack types, with a price tag of $136,804 and $112,902 per incident, respectively.
Australian technology media are predicting worse times ahead for cyber-attacks on Australian businesses.
“There are only a couple of near-certainties for cyber security in 2018: that the market will continue to be buoyant and that attacks will become more sophisticated.” (2)
Information loss is one of the most expensive consequences of cyber-attacks in Australia, second to business disruption (41 per cent and 32 per cent respectively)
The most common security technologies deployed in Australia are security intelligence systems (64 per cent), advanced identity and access governance (60 per cent). (3)
According to the Minter Ellison ‘Perspectives on Cyber Risk 2017’ report, every kind of organisation – government, state owned enterprises, public and private companies and not-for-profits – has been affected. In every industry – from finance, retail, hospitality and healthcare, to mining and resources, utilities, professional services and education, it’s clear that everyone is fair game in cyberspace. (4)
Australian businesses are more aware of emerging threats than ever, and the increase in cybersecurity protection is increasing to reflect that.
Best practice risk management routinely asks business owners to accept and take on risk. The question many are asking their CIOs and IT managements is “is reliance on cyber-security software is enough, or do we need to transfer risk to also incorporate cyber security insurance?”
A relatively new type of insurance, cyber risk insurance or cyber-security insurance is designed to help an organisation mitigate risk exposure by offsetting costs involved with recovery after a cyber-related security breach or similar event.
Despite an increasing awareness of cyber-attacks and cyber-breaches, Australian businesses are lagging globally in obtaining cover against this important emerging risk despite the massive increase in cyber-attacks in Australia each year.
Regardless of size or industry, all Australian businesses use technology in some way to deliver their products and services. Data breaches, electronic theft and vandalism, and even copyright infringement is make protecting sensitive data an issue for every organisation.
Being prepared to respond can help limit your losses when a cyber incident occurs.
Australia’s new Mandatory Data Breach Notification laws and Cyber Insurance
On 22 February 2018, Australia’s long debated data breach notification laws. This will give Australia some of the strictest disclosure rules in the world.
The new law obligates all agencies and businesses that are regulated by the Privacy Act to provide notice to the Office of the Australian Information Commissioner (OAIC) and affected individuals of certain data breaches that are ‘likely’ to result in ‘serious harm’.
But, data breaches are not only limited to nefarious actions, like thefts or hacks. It can also apply to any accidental loss or disclosure of someone’s personal information caused by an organisation’s failure to apply ‘reasonable’ care in the handling of personal information.
Cyber Insurance can cover your business
Cyber-risk insurance can help cover financial losses your business can suffer following a cyber security breach or attack.
Austbrokers City State can work with you to develop the right level of cyber-risk insurance to protect your business.
After all, when placing a price on preserving your organisation’s data integrity, it’s important to recognise that the true cost to your business may occur long after you’ve repaired the initial damage.
1. https://www.accenture.com/au-en/insight-cost-of-cybercrime-2017
4. https://www.minterellison.com/articles/the-report-perspectives-on-cyber-risk-2017