Cyber risk needs to be considered
CYBER LIABILITY INSURANCE PROTECTS YOUR ENTERPRISE FROM THE FINANCIAL IMPACT OF LOSING OR COMPROMISING YOUR OWN OR OTHER PEOPLE’S INFORMATION
AMANDA STEVENSON
DOES your business need cyber insurance? Is your business likely to be threatened by cyber risk?
Absolutely.
If you’ve got an internet connection, you’re at risk of an attack or incident that could close you down or inflict financial damage.
Small businesses aren’t exempt. Over a third of global cyber-attacks target companies with fewer than 250 employees. Every business needs cyber protection.
That’s where cyber liability insurance comes in.
Cyber liability insurance protects your enterprise from the financial impact of losing or compromising your own or other people’s information.
This can take the form of personal or business data stored in your records.
If your business is hit by a cyber-breach, the people or companies whose data has been compromised could sue you and if you fail to notify the Office of the Australian Information Commissioner, you could face penalties.
Loss of data can occur as a result of a targeted cyber-attack or human error factors such as losing paperwork, a memory stick or a device, failing to have adequate security on a device that’s used for both personal and business purposes or if your network provider’s system is compromised.
Worryingly, many Australian businesses are unprepared for dealing with a cyber incident and this is especially true for small to medium sized enterprises (SMEs).
Almost half the SME respondents in a recent survey by insurance company Chubb were unaware of their obligations under the Notifiable Data Breaches Scheme.
Only 40 per cent thought their revenue or sales would suffer and only 27 per cent had cyber insurance.
Impacts that affect your business internally can also be expensive, especially if an attack closes your systems down.
You would suffer loss of income, probably need to hire an expert to save or retrieve your important data and you might need to engage damage control services to help limit loss of customers and reputation.
Interruption to normal operations represents a loss to any business because you have to maintain running costs.
Small businesses are particularly vulnerable because they typically have less resources and may be servicing loans.
Externally, if the people or companies whose information has been compromised bring legal actions for damages or negligence against you, you’ll have to pay the legal costs of answering the claim and any damages imposed, which could be crippling.
Most cyber insurance policies cover the costs of impacts to both your own business and external parties. Cyber insurance may be available as part of a business pack and exclude some risks or liabilities under its terms.
A dedicated stand-alone cyber insurance policy is likely to be more comprehensive, offer higher caps on payouts and include provisions specific to containing and remediating a breach and the costs involved.
Amanda Stevenson is an account executive with Gallagher Insurance