Home BlogBusiness Risks

Media

Cyber Insurance

Business Risks

Mon 17-07-2017

5 reasons why your company needs cyber insurance

It’s been on the market for a while now and demand for it has grown over the last two years, but uptake of cyber insurance in Australia is still alarmingly low.

Companies are disconcertingly complacent in the face of the growing cyber threat.

But the reality is that your company is almost certain to experience a cyber security incident, such as a data breach or ransomware attack. And without the proper risk management strategies and insurance policies in place, such an attack could seriously threaten your financial viability and ability to do business.

Still not convinced you need cyber insurance? Here are 5 reasons why you do.

 

1. Your staff rely on computers to get their jobs done

We hate to state the obvious, but here’s the thing: if your organisation uses any internet-connected devices for work purposes, you need cyber insurance.

Simply accessing the internet on devices – whether they be computers or smartphones on or off your network – puts your business at risk of a cyberattack. Nobody is immune to cyber risk, and every company that’s using technology and the internet needs cyber insurance as part of an effective risk management plan. 

2. Your company handles and/or stores personal data from clients and customers

If you use, store or disclose personal information about your customers or clients, you need cyber insurance. Why? Because this information is a valuable commodity for hackers, and collecting it makes you a target for data breaches and other cyber security incidents.

Personal information refers to any information that can be used to ascertain or reveal someone’s identity such as their name, address, email address or telephone number. In accordance with the Privacy Act it’s your responsibility to ensure that this type of information is collected, used and stored in a safe and compliant manner. In addition to being aware of your privacy obligations, you need to mitigate your cyber risk exposures with a risk management programme, cyber insurance and a data breach response plan. 

So here’s the key takeaway: handling personal information is a cyber risk exposure that you need to mitigate with risk management and cyber insurance.

3. You use cloud services

With more businesses using internet in PNG, it’s safe to say that cloud technology has entered the mainstream of business ICT. 

If you’re among the high percentage of cloud-friendly businesses, you need cyber insurance. Here’s why:

  • Research has shown that 2.7% of files shared in the cloud are publicly accessible;
  • 1% of files uploaded to the cloud contain sensitive data, and 44.4% of this data includes confidential information such as business plans and financial records;
  • Personally identifiable information (PII) accounts for 70% of date being stored in the cloud.

So take note: the cloud is a great tool for file sharing and collaboration, but without proper governance and cyber insurance, it exposes your business to a data breach.

4. Your business couldn’t financially survive a cyber attack

Quantifying the cost of a cyber-attack is difficult, and are high enough to certainly cripple a small business.

But these estimates don’t account for the indirect, hidden costs of a cyber-attack which includes (but isn’t limited to):

  • Business interruption or destruction
  • Reputational damage and loss of customer trust
  • Insurance premium increases
  • Lost contract revenue and loss of IP
  • Damage to share price
  • When we take these kinds of indirect costs into account, the total cost of a data breach skyrockets:

A cyber-attack could seriously compromise your financial viability, so must have a cyber insurance policy in place. At the very least, this will cover risks such as financial loss arising from lost revenue, customer churn, privacy fines and legal expenses.

5. Your existing insurance policies may not cover losses from a cyber attack

Some general business liability policies include cover for cyber liability, but many don’t.

Don’t assume that you’re covered just because you have public liability, management liability or other business insurance policies in place. You need a separate cyber insurance policy that covers your risk exposures and, at the very least, includes cover for things like business interruption, loss of data, legal expenses and data recovery.

←View Blog List

Categories

Latest Article