When changing passwords won’t protect you, cyber insurance will.
If your small business relies on digital technology to make sales, communicate or store information then you are exposed to what’s known as ‘cyber liability’ or ‘cyber risk’.
As foreign as it sounds, it’s a real issue in 2019 - cyber risk costs the global economy more than $450 billion a year1. These costs come from range of events from getting your website hacked, to being sued for something you published online.
This is why Australian businesses are turning to cyber insurance.
Receive quotes from these direct insurance brands
If you are ready to speak with a consultant about different business insurance options available, simply enter your details in the form. Keep reading if you want to learn more about the different types of cover available.
Before we get into the details of what's covered let's take a look at a few examples of cyber crime and the type of insurance that comes into play.
Cyber breach example
Event that's covered by cyber insurance
A business is targeted by a real looking email pretending to be a bank, informing the recipient of changed bank details.
Social engineering fraud loss
An online business get's their data hacked, loosing customer information and receiving criticism from the public.
Third party liability (e.g. if customer sues)
Event recovery costs
A cyber attack of a businesses website and network.
Cyber liability insurance policies typically offer coverage for a range of first-party (things that affect you) and third-party losses (things that affect other people.
Business interruption. This is a crucial inclusion and provides cover for any loss of income and related costs when a cyber attack or data breach means you are unable to conduct your normal business. This ensures you have sufficient funds available to continue trading until the situation returns to normal.
Theft and fraud. This covers the loss or destruction of your data as a result of a security breach or identity theft.
Forensic investigation and data recovery. In order to determine whether a cyber attack has occurred, you may have to pay for technical, legal or forensic services. Your insurance will provide cover for this expense, and may also reimburse you for the cost to restore, repair or replace lost data.
Extortion. If you find yourself in the unfortunate situation where extortionate threats are made against your business, protection is available. For example, criminals may demand money or property, they may threaten to disclose confidential information about your business, or they may threaten to introduce a virus or malware to your IT systems.
Crisis management and PR. In some cases you will need to take emergency action to ensure the secure future of your business. Crisis management may be needed, as might a PR or advertising campaign to make consumers aware of the data breach and how your business reacted. Your cyber liability insurance provides cover for the cost of this.
Regulatory defence expenses. If a data breach results in a regulatory claim from a government agency, for example the Federal Trade Commission or the Federal Communication Commission, your policy will provide cover. Coverage is available for fines, penalties and investigations.
Litigation expenses. This covers costs arising from civil lawsuits, judgements, settlements etc that result from a cyber attack or data breach. Others may claim that their finances, property or reputation were damaged by your failure to secure your IT systems, so you may become legally liable to pay damages or compensation. This is where cyber liability cover kicks in.
Notification costs. This covers any cost involved in notifying your customers of a data breach.
Monitoring. This covers the cost of any credit monitoring or fraud monitoring of employees or customers after a data breach.
Communications and media liability. This provides coverage for any media liability, including the unauthorised use of copyrighted material or trademarks published by your business.
What are some benefits of getting cyber insurance?
These days, the business world and the digital world are closely linked. While this has made it much easier to do business in Australia and around the world, it also means that business of all sizes face a new and varied range of cyber risks. Cyber hacking is a real threat faced by everyone from sole traders to large corporations, which is why cyber liability insurance can offer a range of benefits, including:
A wide range of cover. From the personal and payment details of customers to information about the inner workings of your business, cyber hackers target an extensive range of information. If you’re the victim of a hacking attack, cyber liability insurance can provide business interruption cover, cover damages claims when you lose third party data, and even cover the cost of hiring a public relations firm to help you manage any negative publicity.
Affordable protection. Some business owners are put off the idea of purchasing cyber liability cover because they fear it will be too expensive. However, cover is actually much more affordable than you may realise.
Risk management. Your cyber liability insurer can not only help you in the event of a hacking attack, but can also help you prevent such attacks occurring. Your insurer will help you work out a risk management strategy and ensure you have adequate protection in place for your digital systems.
Cover not provided by public liability insurance. Most public liability business insurance policies will exclude losses connected with the internet from your cover, which is yet another reason why dedicated cyber liability cover is a wise investment.
Cyber crime in 2020
In today’s increasingly complex technological world, businesses are faced with more risks than ever before. Cyber crime is on the rise in Australia and around the world, and the potential loss that businesses can incur as a result is huge.
A newly released Australian government report revealed a rapid rise in the number of data breaches among organisations across the country. According to the study, data security is a serious concern for many of Australia’s largest businesses, while even small businesses expressed concern about the dangerous potential for cyber attacks. Over one fifth of the 255 companies that the government surveyed stated that they had been targeted by cyber criminals during 2012.
Over one fifth of the 255 companies that the government surveyed stated that they had been targeted by cyber criminals during 2012.
Data breaches involving large companies, especially those with a high online presence, seem to be regularly reported in the papers these days. For example, a data breach at Target in the US over the 2013 holiday season affected 40 million credit and debit card accounts.
Many companies have started seeking out cyber liability insurance to protect their business.
This type of cover offers a high level of protection and equips businesses with the tools they need to survive financially.
The financial losses a business may suffer as a result of cyber theft can be quite substantial. According to the Cyber Aware National Report, a cyber breach can in many cases cost $1,000 to $5,000 in damages, with over two-thirds of businesses unable to cover these costs.
Generally speaking, the more data that is compromised, the greater the cost will be. If your company falls victim to a large breach of data, the number of associated expenses incurred may surprise you. Some of the key costs include:
Detecting a breach and notifying the affected parties. Sophisticated breaches may take months to notice, which can allow damage—and expenses—to accumulate until the problem is discovered.
Mitigating and repairing the damage. This may require the assistance of a computer expert.
Losing business and clients. Lost business has been shown to make of the biggest percentage of losses resulting from data breaches. When a business loses its reputation and is no longer seen as trustworthy or secure by its customers, the impact can be huge.
Fines and penalties. This can be imposed from a number of sources if you don't protect sensitive data. while you may have to pay damages to settle claims against your business.
Inability to perform business as usual. A data breach can also cause a significant disruption to the everyday running of your business, pulling IT and key management staff away from their regular duties and resulting in a loss of productivity.
Cost of introducing tighter safety measures. Add in the possible cost of introducing enhanced security and monitoring protocols and you’re looking at a significantly costly exercise for your business.
The sum insured. The higher the sum insured you select, the more your premiums will be.
The range of cover you select. If you decide to add additional options to your policy to make it more suitable for your business, you will need to pay more for cover.
The risks you face. The insurer will assess the unique risks your business faces when determining the cost of cover - for example, a business that collects online payment information from customers may a have a higher level of risk than another business that does not.
The protection measures you have in place. The insurer will assess what protective measures your business has in place to safeguard against cyber attacks.
The nature of your business. The industry in which you work and the digital systems you manage will affect your level of risk.
The number of employees you have. The more employees you have, the larger the amount of personal information your business will store, which may make it a more attractive target for hackers.
What types of industries might consider taking out cyber insurance?
Businesses in a number of industries might consider taking out cyber insurance. In particular, businesses in financial and healthcare industries rely significantly on reputations to ensure their success, so a damaged reputation can have a massively detrimental impact.
Industries where cyber liability cover must be considered include:
Telecommunications or Internet services
Does cyber liability insurance cover data breaches?
Cyber liability insurance provides cover in the event that your business is a victim of a data breach. It covers the financial consequences of lost or stolen employee or customer data, including damages claims and loss of profit, while it also covers the cost of restoring or recollecting data following a breach.
In addition, cyber liability insurance covers your expenses if you are the subject of a data protection regulator’s investigation, and also covers the cost of hiring a PR firm to repair your business’ image following a data breach.
How do data breaches even affect my business?
In the modern world, it’s essential for business to hold and sensitive information online. From cloud-based data storage to online credit card payments, customer address details and employee tax file numbers, modern businesses store and send a wide range of important information across digital channels.
This of course makes businesses an attractive target for cyber criminals keen to get their hands on sensitive personal and financial details.
Tips to compare cyber insurance
When comparing cyber liability insurance policies, make sure to take the following factors into consideration:
Identify the risks your business faces. The biggest risk for one business might be completely different to the biggest risk for the next. Would the exposure of your customers’ personal information pose the biggest threat to you, or would it be the interruption to your ability to continue providing a service? Make sure you know the problems your business could face.
What sort of cover do you already have? Some of the insurance you already have in place may provide some coverage for cyber risks. Speak to an insurance expert to understand how your business is placed.
Get the right level of cover. Cyber liability is not a ‘one size fits all’ type of cover. Concentrate on making sure your policy includes all the basic features, but assess whether some of the tailored options will be necessary. Also, determine if the amount you’re insured for will be enough to cover the costs you’ll incur in the event of a data breach. It’s a good idea to involve all stakeholders from different branches within the company to accurately assess how much cover you’ll need.
Know what’s excluded. Knowing what is and isn’t covered on any insurance policy is always essential. Check your insurer’s list of exclusions to prevent any nasty surprises at some stage in the future.
What about third-party negligence? If, like many business, you outsource tasks like data processing or storage to a third party, check whether negligence from that third-party will be covered by your insurance provider.
Still unsure why Cyber insurance is essential for your business?
A presence in the online world exposes your business to significantly more threats than bricks-and-mortar stores would encounter. If you’ve got an online shopfront, your site is constantly available all over the world and can be accessed from an ever-increasing number of technological devices. It’s quite easy to see that the potential exposure to malicious activities is greatly increased.
In addition, the online world poses an increased risk to smaller business because they must rely on third-party vendors. While larger companies can manage all of their IT needs in house, smaller companies rely on third parties for things like data storage, so cyber liability cover can help cover the expenses incurred by any negligence on behalf of those third parties.
Finally, cyber liability insurance cover can be tailored to suit your business. Each business has its own insurance needs, so make sure you’re aware of the risks your business faces before you buy coverage. Shop around and seek expert advice to ensure you end up with the right level of cover.
Will Eve is the lead publisher of the global team at Finder. He was previously the group publisher for insurance for Finder Australia. Will has a Bachelor of Communications from the University of Technology Sydney. He loves the challenge of launching Finder into new markets while helping grow Finder’s global team.
How likely would you be to recommend finder to a friend or colleague?
Very UnlikelyExtremely Likely
Thank you for your feedback.
Our goal is to create the best possible product, and your thoughts, ideas and suggestions play a major role in helping us identify opportunities to improve.
Important information about this website
finder.com.au is one of Australia's leading comparison websites. We compare from a wide set of major banks, insurers and product issuers.
finder.com.au has access to track details from the product issuers listed on our sites. Although we provide information on the products offered by a wide range of issuers, we don't cover every available product. You should consider whether the products featured on our site are appropriate for your needs and seek independent advice if you have any questions.
Products marked as 'Promoted' or "Advertisement" are prominently displayed either as a result of a commercial advertising arrangement or to highlight a particular product, provider or feature. Finder may receive remuneration from the Provider if you click on the related link, purchase or enquire about the product. Finder's decision to show a 'promoted' product is neither a recommendation that the product is appropriate for you nor an indication that the product is the best in its category. We encourage you to use the tools and information we provide to compare your options and find the best option for you.
The identification of a group of products, as 'Top' or 'Best' is a reflection of user preferences based on current website data. On a regular basis, analytics drive the creation of a list of popular products. Where these products are grouped, they appear in no particular order.
Where our site links to particular products or displays 'Go to site' buttons, we may receive a commission, referral fee or payment.
We try to take an open and transparent approach and provide a broad based comparison service. However, you should be aware that while we are an independently owned service, our comparison service does not include all providers or all products available in the market.
Some product issuers may provide products or offer services through multiple brands, associated companies or different labelling arrangements. This can make it difficult for consumers to compare alternatives or identify the companies behind the products. However, we aim to provide information to enable consumers to understand these issues.
Providing or obtaining an estimated insurance quote through us does not guarantee you can get the insurance. Acceptance by insurance companies is based on things like occupation, health and lifestyle. By providing you with the ability to apply for a credit card or loan we are not guaranteeing that your application will be approved. Your application for credit products is subject to the Provider's terms and conditions as well as their application and lending criteria.