Cyber hacking incidents are on the increase making cyber insurance ever more important argues commercial insurance broker John Catibog.
The Notifiable Data Breach scheme took effect on 22nd February and changed the way Australian businesses are expected to respond to a data breach. It is now mandatory for any business with annual revenues over $3 million to report an incident to the Office of the Australian Information Commissioner.
With the average cost per affected record at $139 (Ponemon Institute), the impact of a security breach can be crippling to a business when multiplied by the hundreds, if not thousands, of customer and supplier records they keep.
The cyber insurance market is still in its infancy in Australia, and not all cyber insurance products are the same. So it is important to understand what exactly is covered so there are no surprises when your system is compromised.
Here are five important covers to understand in a cyber insurance policy.
Notification and crisis management cover
The new laws require that notification of those likely to be harmed occur within 30 days. The cost to notify potentially hundreds of individuals in a short period of time can be significant.
A security breach will also need to be investigated to minimise further damage. Bad press and loss of customers trust will need to be managed after an incident is discovered, and so the services of IT forensics experts and public relations professionals may be required as a result.
The notification expenses and hiring of professionals are just some of the costs that this cover could help protect against.
Data recovery and business interruption cover
After a breach has occurred, there will be expenses to recover your data and restore your system. You may also lose significant income while your system is down.
After serving a waiting period, you could make a claim for the lost income you incur and the costs of getting back to business.
Extortion and social engineering costs
According to Telstra, 57% of organisations paid a cyber ransom demand but almost one-third did not recover the data.
Social engineering does not always involve computer hacking activities. An example might be a hacker calling and pretending to be a trusted associate to gain access to information or manipulating the transfer of funds.
Ransom payments and money lost by a company from fraudulent crimes could be claimed with this cover in place.
Third party liability cover
Considering that the average total cost for a data beach is $2.51 million, it is important to have adequate cover to protect against any lawsuits and damages that you may be liable to pay to those affected as a result of your security or privacy breach.
Multimedia cover includes protection for the costs incurred for defamation, copyright, piracy and errors and omissions with the use of multimedia content and social media platforms.
Look for these five essential covers in a cyber insurance policy to adequately protect your business before a data breach occurs.
Indagard Insurance Services
0456 456 085