Recent Medibank & Optus cyber attacks have placed the spotlight on this increasing risk to business. Personal data of customers being offered for sale on the dark web, imagine the payouts from the inevitable class actions that will follow considering the personal details of 40% of the Australian population are involved.
Cyber experts offer reasons for increases in cyber attacks with varying degrees of merit. Statistics are presented confirming the increased number, severity & cost of cyber attacks. Depending on who is trying to scare you and what figures are being manipulated annual increases in cyber crime are between 13% & 600%. From an insurance perspective cyber crime has roughly cost the industry twice as much this year as last year with the trend set to continue.
Why? It’s about business & return on investment.
In the early days of cyber crime we simply had to overcome our feelings of greed and not reply with our bank details to an African dictator or prince’s email wanting to deposit millions of Euro into said account. Things have moved on and so has the business model, they learnt how to hack into your system and encrypt one computer, progressing to encrypting an entire network. Now they exfiltrate data then encrypt the network & data your business depends on and holds them both for ransom.
During one Cyber seminar a speaker cited an academic paper that Ransomware offers a better return on investment than the international drug trade to criminal organisations. They are also paid in virtually untraceable crypto currency. Expect growth in this market.
Whilst Ransomware claims generally cost the industry the most in dollar terms, the most common claim is theft of funds.
IT security & staff education are “best practice” preventative actions, however just as locks, bars & alarms are there to deter a physical break in they don’t always work. We hold insurance just in case. The insurance industry has developed Cyber cover to allow business to transfer the risk.
Beware the Jargon.
Both IT & Insurance industries are prolific users of Jargon and Terms & Conditions. With the increase in claims a number of Cyber insurers have been introducing conditions on cover. Do you update all software patches as soon as they become available? are all your systems compliant? do you change passwords every 30 days? do you use dual step authentication for all logins? are mobile phones password protected? do you ban the use of free wifi on all devices? do you conduct social engineering/phishing/phreaking & IT training for staff & provide a procedures manual? Is your backup system compliant? The list of measures can be quite daunting.
From experience renewing cyber covers this year a surprising number of businesses did not meet the increasing requirements of some cyber insurers. An alarming development demanding an immediate solution!
A solution for ATSA members
We have teamed with specialist underwriters to offer a comprehensive Cyber cover for ATSA members devoid of onerous security requirements & questionnaires.
Cover is market leading with 4 key unique benefits.
- A short form application consisting of 7 simple questions
- No warranties or conditions that require ATSA members to have certain cyber security measures in place
- No excess for incident response. (Brisbane Based response team)
- Free Risk Management. Including employee phishing training & Dark Web monitoring service (Looks to see if your information is for sale on the Dark Web) conducted by a dedicated Cyber Threat Analysis Team
Need a quote? Simply email Brendon.email@example.com with answers to the following 7 questions or call 0433 166 036 to discuss.
- Company Name
- ABN and confirmation they are registered for GST
- Number of full time employees
- Annual gross revenue (last complete financial year)
- Main activity