Mandatory Data Breach Notification is now Law
13th February 2017
The Australian Government has passed into law the mandatory reporting of any Data Breach.
Whether you’re a not-for-profit, private company, family business, publicly listed entity, even Government agency, if you are generating an annual turnover greater than 3 million dollars, you are now accountable.
Even if you only suspect that a data breach has occurred but don’t actually have proof, you will be required to report it…and the penalties for not reporting are financially serious.
Heavy Penalties for Failing to Report a Data BreachHeavy Penalties for Failing to Report a Data Breach
Non-compliance penalties and fines vary from $360,000 to $1.8 million dollars.
A Cyber Liability Insurance isn’t just about protection from loss of income. It’s now about protecting your business from the penalties and fines you may face.
Stop Cyber Criminals From Putting Your Business at Risk
Not many business owners would willingly Chance their Business Reputation. Protect your reputation & business systems against cyber attacks with Cyber Insurance.
Why we’re the right choice for Cyber Insurance
Every business is different and that’s why we tailor your policy to suit your business needs. The reality is that the true value of any insurance policy is only ever tested in the event of a claim. By tailoring your policy exactly for you, nothing get’s left to chance.
For over 100 years we’ve protected Australians. You can rest assured we have the knowledge and expertise to handle every aspect of your insurance purchase.
Price and Coverage
Through our extensive insurance network, you’ll enjoy the benefits of low premiums and broad coverage. Safe in the knowledge you are fully covered in the event of a claim.
Call us to get a quote for your Cyber Attack insurance and answer only 4 risk specific questions. Call 1300 155 338.
Why Does My Business Need Cyber Insurance?
What does Cyber Insurance Cover?
Errors caused by human accident which undermine the security of your systems.
Demands for money linked with threats of attack on IT infrastructure, sometimes involving actual attack.
Credential-stealing malware used to take control of systems.
Web App Attacks
Hacking into the code of software to take advantage of any vulnerabilities, and circumventing authentication.
Denial of Service
Another consequence of cyber attacks, the shut-down of networks and systems.
Insider and Privilege Misuse
Inside-driven malicious use of your IT infrastructure and other resources. May involve collusion with external entities.
Physical Theft and Loss
Concrete assets linked to your IT systems which go missing through deliberate or accidental acts.
Access to your network, or your system, either by individuals working for competitor corporations or those linked to foreign states.
Payment Card Skimmers
Payments skimmed from cards via a device attached to magnetic stripe-reading assets.
Point of Sale (POS) Intrusions
Sales made using cards, or similar transactions.
Frequently Asked Questions
Cyber Attack Insurance premiums start from as low as $800 per annum. There are only 5 questions that need to be answered in order to generate an indicative quotation which have been detailed below:
- Business Name – against which your Cyber Liability quote will be created.
- Industry – the greater the perceived risk of a particular occupation or industry group the higher the premium will be. The ‘risk’ is based on an insurer’s review of claims data attaching to a particular occupation.
- Estimated Annual total of Transactions and Records – the higher the combined total of your client/customer database and number of credit card transactions the greater exposure.
- Annual Aggregate Policy Limit – in simple terms the higher the policy limit, the greater the potential exposure of the insurer and therefore the higher the premium.
- Estimated Annual Turnover/Revenue – in general terms, the greater the annual turnover the greater the exposure attaches to the risk.
After purchasing a Cyber Attack you gain access to global partners that you provide you with immediate support that help you assess, manage and respond to the threat to your business. This triage service can be accessed on a 24/7 basis, increases the speed of claim resolution and minimises impact on you so that you can focus on getting yourself back in business.
The threat of a cyber-attack to SME’s is increasing exponentially, with 65% of Australian organisations experiencing cybercrime in the last two years and more than 1 in 10 reporting losses over $1 million. A common claim scenario is an employee accidentally clicking on an email appearing to be from the ATO, Australia Post, AGL etc. The email hasn’t been sent by the ATO, Australia Post or AGL but instead is a “cryptolocker attack” with links inside the email delivering malicious code that encrypts all local network data including backup data. This crime involving an attack or threat of attack against the business IT infrastructure is also coupled with a demand for money to stop the attack.
If you’re not convinced you need Cyber Insurance then here are the latest facts:
- Consumers in Australia lost $1.2 billion to cybercrime in the past year.
- Ransomware attacks grew 113% globally last year with 24,000 ransomware attacks per day.
- Australia ranks as 5th highest globally for crypto ransomware.
- Attacks target businesses with less than 250 employees, with 43% of all attacks targeted at small business in 2015, proving that companies of all sizes are at risk.
SOURCES: Norton Cybersecurity Insights Report 2015, Global Comparisons. http://au.norton.com/cybersecurity-insights and The Evolution of Ransomware, August 6, 2015, http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-evolution-of-ransomware.pdf
From March 2014 privacy legislation introduced penalties of over $300,000 for individuals and $1.7million for companies for breaching privacy legislation. Protect your business and yourself with cyber insurance.
Many companies believe that their current IT security arrangements are sufficient, but unfortunately it’s not realistic to think that they can lock out all criminals and hackers. Despite the use of firewalls, antivirus/spyware or malware software your IT provider will not guarantee that this will protect your business from any attack.
A lot of companies are also moving towards cloud computing on the assumption that that is a solution total solution, however while this moves the workload to the cloud it doesn’t shift the information security and data liability, which at law remains with the business.
By all means continue to use encryption and passwords, but keep in mind that statistics show that disgruntled or distracted employees are a firm’s biggest threat and that humans are usually the weakest link in the security system.
Based on research from IT security firm ESET, Australia has the third-highest rate of detected ransom ware attacks in the world – even higher than the United States. It’s not a case of if, but when an attack will happen therefore you need to make sure that you are equipped to manage the risk by way of Cyber Insurance policy.
In summary, there needs to be a change in attitude away from viewing cyber security as simply an IT issue to one involving risk management plan that incorporates Cyber Insurance.