Contact us

1300 GOCYBER (1300 462 923)

Call or email us today!

Contact details:

Message:

Your message has been sent successfully. Close this notice.

Cyber Insurance Quote Form

Limit of Liability

Company Details

Do you process, transmit or store more than 10,000 financial transactions per year?

Yes No, less than 10,000

Do you use and keep up to date firewalls and anti-virus protection for all systems?

Yes No

Do you use third parties to complete audits of your system and security on a regular basis?

Yes NO

Are all portable devices password protected? (mobile phones, laptops, tablets, etc)

Yes No

Do you have encryption requirements for all data including portable media?

Yes No

Do you have back-up and recovery procedures for business critical systems, data and info assets?

Yes No

Do you outsource any part of your network, including storage?

Yes, we use third party providers. No, all managed in house

Do you store sensitive information on web servers?

Yes No

Do you know of any loss payments, fines or penalties being made on your behalf?

Yes No

Are you aware of any matter which might give rise to a claim or loss under such insurance?

Yes No

Have you suffered any loss or claim but not limited to a regulatory, governmental or administrative action brought against you, or any investigation or information request concerning any handling of personal info?

Yes No

The applicant or any subsidiaries have any knowledge of any loss payments, fines or penalties being made on behalf of any applicant or any person proposed for coverage any cyber policy or similar insurance?

Yes No
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.

Business Insurance Quote

Contact details:

Sections

Property & Contents

Yes, please quote No, thank you

Public & Products Liability

Yes, please quote No, thank you

Cyber Liability

Yes, please quote No, thank you

Theft & Money

Yes, please quote No, thank you

Computers & electronic equipment

Yes, please quote No, thank you

Business Interruption

Yes, please quote No, thank you

Machinery Breakdown

Yes, please quote No, thank you
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.
1 year ago · by · 0 comments

Contractual Cyber Liability Insurance

 

  • Does your organisation rely on third parties and have you signed agreements with these parties?
  • Do you know what obligations have been assumed in these agreements?
  • Does the contract cover losses or damages that arise from a data breach or cyber event?
  • Does your current insurance coverage clearly cover requirements of these contracts?

These are important questions facing Australian businesses as a greater reliance on technology and third-party vendors continues to increase significantly.

As public awareness of cyber risks and attacks continues to increase, more decision makers are requesting contractual cyber insurance liabilities be specifically addressed similarly to public liability.

Why is cyber insurance appearing on contracts?

Many Australian organisations are beginning to see contractual cyber insurance requirements across a wide variety of industries as cyber risk awareness increases. One way for organisations to protect themselves from financial loss, the expense of regulatory fines, penalties and reputation damage in the event of a data breach is to require contractors and vendors, with access to customer and employee personally identifiable information, to carry a cyber insurance policy.

Currently it’s common practice for vendors to provide proof of certain types and amounts of insurance cover and in some cases having their business named as an additional insured on vendor insurance policies. The types of losses, damages, and costs that arise from a data breach are often not covered by the standard insurance policy requirements listed in typical vendor contracts. Businesses without contractual cyber insurance requirements may leave themselves exposed to unexpected and uninsured losses.

Costs which can follow a breach

Many surveys have indicated that executives are unaware of the full scope of direct & indirect costs which can arise from a cyber attack or data breach.

Direct costs can include:

  • Forensic IT expenses to determine the cause of the breach and extent of data loss
  • Business interruption and increased working costs to keep the business operating as usual
  • Breach notification and response costs
  • Legal fees
  • Public relations expenses
  • Providing credit monitoring and identity theft restoration services

Indirect costs can include:

  • Loss of income
  • Goodwill and reputational damage

Should you require vendors to have cyber insurance?

We believe so, businesses currently require their vendors or contractors to indemnify them for public liability, professional indemnity and other current lines of insurance while completing the work. The same consideration should be shown for personally identifiable & sensitive data which could be compromised while the work is undertaken. Serious harm can be caused to an individual or business as a result of a data breach, anything from financial loss, emotional or reputational damage and even physical damage has been shown to occur.

All third parties who have access to customer or employee personally identifiable information should be having a conversation about sharing or transferring the risk of loss through cyber insurance if there is a data breach. Cyber insurance policies, among other things, typically cover the cost for computer and data loss restoration, notification costs, credit monitoring, and liability to third parties from your failure to handle, manage, store, and control personally identifiable information belonging to others.

The majority of Australian businesses collect and store data about their clients which in most cases is managed by an IT managed services group. According to a May 2016 Ponemon Institute report, 75% of the Australian IT and security professionals surveyed stated that the risk of a third party’s breach is a serious concern and increasing within their organizations.

Cyber Insurance Australia Logo

Current Government View

Regulators in Australia have increased their efforts to bring cyber risks to the attention of organisations with both the Office of the Australian Information Commissioner (OAIC) and the Australian Investments and Security Commission (ASIC) providing regularly updated information and resources.

“While in its infancy in Australia, the rapidly growing cyber insurance market may help enforce improved cyber security performance.” “Although some organisations may be implementing international cyber security standards that all organisations can achieve, others are not doing so. In our interconnected world, a solid baseline of cyber security practice is critical to achieving confidence online.” — Australian Government Cyber Security Strategy 

The Australian government has recently established a Notifiable Data Breaches scheme to address the growing concern around data breaches and privacy. Full details can be found here – OAIC

The passage of the Privacy Amendment (Notifiable Data Breaches) Act 2017 established a Notifiable Data Breaches (NDB) scheme in Australia. The NDB scheme requires organisations covered by the Australian Privacy Act 1988 (Privacy Act) to notify any individuals likely to be at risk of serious harm by a data breach. This notice must include recommendations about the steps that individuals should take in response to the data breach. The Office of the Australian Information Commissioner (OAIC) must also be notified.

Organisations will need to be prepared to conduct quick assessments of suspected data breaches to determine if they are likely to result in serious harm.

If the Privacy Act 1988 (Privacy Act) applies to your business, you will need to be aware of the risks of a failure to secure data where that failure results in a breach of the Privacy Act. The Privacy Act requires entities to take reasonable steps to protect personal information such as customer details. Significant penalties may apply to you if they are responsible for a breach of the Privacy Act. These include fines of up to $360,000 for individuals and $1.8 million for corporations as well as the potential for a compensation order being awarded.

At Cyber Insurance Australia we believe the Privacy Amendment will continue to drive contractual cyber insurance requirements in the future as more organisations are made aware of their costly responsibilities towards data security.

We will continue to update this page with further developments as the landscape changes for Australian businesses.

 

Contact us to discuss upcoming changes which may impact your business.

Subscribe and follow Cyber Insurance Australia on Linkedin & Facebook for regular updates and information.

Other articles you might be interested in:

Choosing the right cyber insurance policy

How much does cyber insurance cost?

2nd quarter 2017 cyber crime results

Comments

Not found any comments yet.

Leave a reply

Your email address will not be published, and your website url is not required.

Take care of your business

Insurance for
your business future

Call us today for specialist business insurance packages.

Company information

Naga Risk Solutions Pty Ltd T/as Cyber Insurance Australia ABN 59 378 032 992. CAR 1250594

Authorised Representative for National Advisor Services Pty Ltd t/as Community Broker Network (CBN) ABN 60 096 916 184 | AFSL 233750

Financial Services Guide (FSG), Privacy Policy & Complaints & Dispute Handling, Insurance Brokers Code of Practice (FSG)

Contact details

E-mail address:
contact@cyberinsuranceaustralia.com.au

1300 GOCYBER

1300 462 923

Available 8:30am - 5:00pm

PO Box 1677, Milton LPO
Milton
Brisbane, QLD 4064

Join our monthly newsletter for:

Enter your email and stay up to date,

Subscribe to our monthly newsletter!