Get the latest insights, news and product reviews delivered straight to your inbox.
Subscribe
Learn > Why Australian businesses must prioritise cyber insurance

Why Australian businesses must prioritise cyber insurance

by Russell Macey
General Insurance Broker
January 15, 2025
3 min read

Cybersecurity threats have been steadily rising in Australia, posing serious risks to businesses of all sizes.

As of 2024, cybercrime has become the top risk for CEOs across various sectors, with over 40% of Australian companies experiencing some form of cyber-attack or data breach in the past year1. In response to the growing threats, businesses are increasingly turning to cyber insurance to mitigate the financial and operational impacts of cybercrime.

Find out how much it costs to get covered.

Book now

The rising tide of cyber threats in Australia

Recent statistics indicate that cybercrime costs Australian businesses over $33 billion annually. The Australian Cyber Security Centre (ACSC) reported a 13% increase in cyber incidents in the past year alone, with small and medium-sized enterprises (SMEs) particularly vulnerable due to their limited resources for cybersecurity defences.

One of the most alarming trends is the rise of ransomware attacks, which now account for over 25% of reported incidents. Additionally, phishing attacks, where criminals deceive employees into revealing sensitive information, have become increasingly prevalent.

In a case study by DUAL Australia, a mid-sized company using an online accounting platform became the victim of a sophisticated cyber fraud event. A threat actor infiltrated the company’s network and planted malware that altered the payment details for transactions between $5,000 and $50,000. This led to the misappropriation of around $30,000 intended for a supplier. The incident was only uncovered when the supplier notified the company of non-payment. Had the business not been covered by cyber insurance, it would have faced legal costs of approximately $100,000, including potential privacy act violations and data breach notifications​2.

A major data breach can cripple a business, leading to not only financial loss but also reputational damage. Cybercriminals are constantly evolving their tactics, making it challenging for businesses to stay ahead of threats. This underscores the importance of cyber insurance as part of a comprehensive risk management strategy.

A major data breach can cripple a business, leading to not only financial loss but also reputational damage.

Why cyber insurance is essential for businesses

The complexity and scale of modern cyber-attacks make it nearly impossible for businesses to fully protect themselves through cybersecurity measures alone. Cyber insurance provides an additional layer of protection by covering financial losses related to data breaches, business interruptions, and cyber extortion. For example, the case study from DUAL Australia illustrates how cyber insurance can cover not only the direct financial losses from a cyber fraud event but also associated legal and compliance costs.

Cyber insurance policies can cover a wide range of events, including:

  • Cybercrime: This includes financial losses from fraud, theft, or phishing attacks, as well as expenses related to investigating and responding to these incidents.
  • Data breach response: Coverage for notification costs, legal fees, and regulatory fines when a breach of personally identifiable information (PII) occurs. For example, in the case study by DUAL Australia, the insured’s policy covered notification to the Office of the Australian Information Commissioner (OAIC) under the Privacy Act, as well as the costs of a legal review of personal data potentially compromised.
  • Business interruption: Many cyber-attacks result in operational downtime, causing businesses to lose revenue. Cyber insurance can compensate for this lost income, helping businesses recover quickly.
  • Cyber extortion: Ransomware attacks have become a major concern. Cyber insurance can cover the ransom payments demanded by hackers as well as the costs of negotiating with cybercriminals.
  • Legal expenses: In the event of a cyber-attack, businesses may face lawsuits from affected clients or regulatory bodies. Insurance covers these legal expenses, which can amount to hundreds of thousands of dollars.

The role of business interruption insurance in cybersecurity

Many cyber-attacks lead to significant disruptions in business operations. For instance, a ransomware attack can force a company to shut down its systems until a ransom is paid, resulting in lost revenue.

Business interruption insurance, often included in cyber insurance policies, covers the loss of income during these periods. It also helps cover the additional expenses required to restore business operations, such as hiring external cybersecurity experts or replacing compromised systems.

This form of coverage was essential in the DUAL Australia case study. The misappropriation of funds threatened to disrupt operations and potentially cause the insured business to lose a critical supplier. Without insurance, such interruptions can have a long-term negative impact, causing irreparable harm to the company’s reputation and financial standing.

Preparing for the future

Cyber-attacks are no longer isolated incidents – they are an inevitable part of doing business in the digital age. Australian companies are facing an increasingly sophisticated array of cyber threats, from ransomware and phishing to data breaches and fraud. As these risks escalate, businesses must take proactive measures to protect themselves, and cyber insurance is a vital component of this defense strategy.

While strong cybersecurity protocols are essential, insurance ensures that when breaches occur, businesses can survive the financial fallout. With Australian CEOs naming cyber risks as their top concern for 2024, it’s clear that businesses of all sizes must prioritize both prevention and protection.

Cyber insurance provides peace of mind, helping businesses recover swiftly from attacks while safeguarding their financial stability and reputation. Let us help you.

Talk to us or request a callback.

References

  1. Keeping us up at night: The big issues facing business leaders in 2024, KPMG, January 2024.
  2. Cyber Fraud Event – Claim Example, DUAL Australia, July 2024.

Important notice – NewSure Insurance Brokers Pty Ltd

This article provides information rather than financial product or other advice. The content of this article, including any information contained in it, has been prepared without taking into account your objectives, financial situation or needs. You should consider the appropriateness of the information, taking these matters into account, before you act on any information. In particular, you should review the product disclosure statement for any product that the information relates to it before acquiring the product.

Information is current as at the date the article is written as specified within it but is subject to change. NewSure Insurance Brokers Pty Ltd make no representation as to the accuracy or completeness of the information. Various third parties have contributed to the production of this content. All information is subject to copyright and may not be reproduced without the prior written consent of NewSure Insurance Brokers Pty Ltd.

HELPFUL RESOURCES

Cyber insurance in the wake of the Optus breach

When it comes to best practice in cyber risk management, Optus was ahead of most Australian companies because it took out cyber insurance policy to cover the cost of a data breach.

Checklist: Is your business safeguarded against cyber crime?

With the highest median wealth per adult in the world, Australia’s prosperity is attractive to cybercriminals. The grim reality is that the situation is not going to get better. It’s only going to get worse.

Insurance made radically easier

Call us on 02 4969 8100 or request a call back.

We know that navigating the world of insurance can be complex and confusing. Our brokers compare the myriad of insurance options on the market for you, providing expert advice to implement your chosen plan.

We empower thousands of Australian businesses to focus on what they do best, knowing they’re protected against any possible eventuality.