Cyber-attacks cost businesses all over the world. It not only devastates the business financially, but also can deter the business’s reputation, loss of capital and assets, and legal difficulties may arise.
According to the Australian Government, the average cost of a cyber incident in Australia is $276,232. For primarily internet-based businesses, a cyber-attack can halt online operations for some time, resulting in a loss of revenue. The total cost may not be from the initial attack itself but from the loss of financial information from the attack. This will then require more time spent researching how the breach may have happened in the first place and the time and money spent developing a solution to the problem. Hiring outside specialists is often required, for example, developers and network security specialists to further investigate.
Cyber-attacks can also put the customer’s personal information at risk – which tends to damage the business’s reputation. An attack resulting in the compromise of a customer’s financial information can halt operations or permanently put an organisation out of business. A potential customer may avoid doing business with you because they will have the impression that your business is careless, your internal cyber controls are weak or will believe that having an association with your business will damage their reputation. It is highly unlikely that a business will recover from the potential damage to its reputation caused by a single attack. Many SME’s will most certainly struggle to regain the trust and confidence from existing clients, not to mention the trust and confidence of new potential customers.
There’s no secret that your client’s information should be kept sacred and stored on your business’s computer system. If you don’t protect the information properly, you could be exposed to a cyber-attack. If your client’s personal information has been made public or is at risk, they may sue you for the invasion of privacy or for your failure to protect their data. Cyber Insurance covers your business against the expense and legal costs associated with data breaches, which may occur after a cyber-attack or from loss of client information. See claim examples below:
Claim Examples (via Lauw)
What happened: A leading provider of managed services including IT platform hosting and infrastructure and support services suffered a sophisticated electronic security breach. The company had an extensive mainframe platform with partitions configured to customer requirements. A hacker employed malicious software tools and used masking techniques on the company’s mainframe, concealing their IP address to gain unauthorised access to the network.
Outcome: The security breach cost over $1m to resolve including $600,000 covered under Data Recovery and Business Income Loss.
What happened: A small health clinic discovered that an unauthorised third party had gained remote access to a server that contained electronic medical records. The third party posted a message on the network stating that the information on the server had been encrypted and could only be accessed with a password that would be supplied if the insured made a “ransom” payment.
Outcome: The insured contacted law enforcement, and determined that the payment ($2,500) should be made. The payment constituted cyber extortion monies under the policy. Furthermore, loss of business income amounted to $65,000 and IT forensic costs of $5,000 were paid in accordance with the coverage provided by other sections of the policy.
In today’s age, it is important for your business to have Cyber Protection Insurance in place. Cyber Protection Insurance is designed to help protect businesses from the financial impact of computer hacking or a data breach. More than 20% of Australian businesses have experienced cyber crime, 40% of those were directed at SME’s (CERT Australia, 2012). Businesses that have websites or electronic records are those who are usually vulnerable to cyber hackers.
What can Cyber Protection Insurance cover?
Cyber Insurance policies can vary in the benefits they provide to customers. At East West Insurance Brokers, we can help you find the most suitable product that meets the needs of your business. Here are the types of cover that your Cyber Protection policy may include (via the Steadfast brochure):
|TYPE OF COVER||POTENTIAL BENEFITS|
|First Party Losses|
|Business Interruption losses||Cover financial loss you may suffer as a result of a cyber attack|
|Cyber Extortion||The costs of a cyber-attack, such as hiring negotiation experts, covering extortion demands and prevention of future threats.|
|Electronic data replacement||The costs of recovering or replacing your records and other business data.
|Third Party Losses|
|Security and privacy liability||Damages to your reputation resulting from data breaches, such as loss of third party data held on your system.|
|Defence costs||Funds the legal costs of defending claims.|
|Regulatory breach liability||Covers legal expenses and the costs of fines arising from investigation by a government regulator.|
|Electronic media liability||The costs of copyright infringement, defamation claims and misuse of certain types of intellectual property online.|
|Crisis management expenses||Provides cover for the costs of managing a crisis caused by cyber hackers.|
|Notification and monitoring expenses||The costs of notifying customers of a security breach, and monitoring their credit card details to prevent further attacks.|
If you think your business is not at risk to a cyber-attack, think again. Every business with an online presence is at risk of a cyber-attack and with cybercrime on the rise, it may be time to start thinking about getting your business covered.
The attached brochure outlines everything you need to know about Cyber Protection, why it is important and what is covered. Don’t wait until it’s too late – contact the team at East West Insurance Brokers today. We can explain how the cover works, and help you decide on the level of cover you may need. Call us today on 1800 809 132 or email us on firstname.lastname@example.org
Click here to read the full Steadfast Cyber Protection brochure