RISKS and potential losses from cyber attacks are woefully underestimated by Australian organisations of all sizes, according to Whitbread Insurance Brokers CEO Stephen Jones.
“I am continually baffled by figures published in cyber security reports, that scarcely 2 percent of large organisations hold specialised cyber insurance,” Mr Jones said.
“More alarming, is that this figure diminishes close to zero for small businesses,” he said, basing his views on the latest research by the British Government in 2015.
Just as alarming, closer to home, has been the recent analysis from the Australian Cyber Security Centre into the growth of cyber threats.
“The Australian Cyber Security Centre released its first public report this year exposing just how rampant and dangerous cyber crime is for Australian businesses,” Mr Jones said. “It revealed a 20 percent increase in cyber crime over the last 12 months, ranking Australia as ‘one of the most hacked countries worldwide’.”
When costs of these attacks are analysed, the need for urgent action becomes apparent, he said.
Mr Jones said with the global average cost of a cyber attack reaching $6 million, outstripping the annual revenues of most SMEs – according to Juniper Research – it put the real risks into perspective.
“If your business is connected online, cyber insurance must form a central part of your crisis management plan,” Mr Jones said.
“Regardless of how ‘impenetrable’ your company IT systems appear, I am yet to meet a business that can 100 percent guarantee their data is protected. A data breach will not only affect your business, it can have a serious impact on your clients and customers.
“Misplaced iPads or iPhones, stolen credit card numbers, financial reports, medical records, and the loss of sensitive personal data can leave you unable to operate and held liable – at both a company and individual level – potentially exposing your bottom line to significant damage and a tarnished reputation.”
Mr Jones said there were benefits to businesses taking on cyber insurance that were often overlooked.
He said apart from the obvious financial compensation to recoup costs incurred from a security breach – including regulatory fines of up to $1.7 million – there was also cover for legal representation and costs that incorporate forensic and legal counsel.
Furthermore, cyber insurance provided for “compensation for clients or customers who suffer financially or emotionally as a result of stolen data”.
Mr Jones said there was also cover for “professional consultants to assist in repairing damage to your brand reputation”.
“Unfortunately, cyber threats will continue to escalate as cyber criminals develop increasingly sophisticated techniques, and businesses become progressively dependent on linked services and devices,” Mr Jones said.
“It is expected that the average cost of a data breach will exceed $150 million by 2020 as businesses increase connectivity, exposing themselves to data breaches and hacks (Juniper Research, 2015).
“You may not be able to control the actions of cyber criminals, but you can take control by insuring your organisation against the risk,” Mr Jones said.
Whitbread is a Victorian Leaders Industry Expert partner.