Contact us

1300 GOCYBER (1300 462 923)

Call or email us today!

Contact details:


Your message has been sent successfully. Close this notice.

Cyber Insurance Quote Form

Limit of Liability

Company Details

Do you process, transmit or store more than 10,000 financial transactions per year?

Yes No, less than 10,000

Do you use and keep up to date firewalls and anti-virus protection for all systems?

Yes No

Do you use third parties to complete audits of your system and security on a regular basis?

Yes NO

Are all portable devices password protected? (mobile phones, laptops, tablets, etc)

Yes No

Do you have encryption requirements for all data including portable media?

Yes No

Do you have back-up and recovery procedures for business critical systems, data and info assets?

Yes No

Do you outsource any part of your network, including storage?

Yes, we use third party providers. No, all managed in house

Do you store sensitive information on web servers?

Yes No

Do you know of any loss payments, fines or penalties being made on your behalf?

Yes No

Are you aware of any matter which might give rise to a claim or loss under such insurance?

Yes No

Have you suffered any loss or claim but not limited to a regulatory, governmental or administrative action brought against you, or any investigation or information request concerning any handling of personal info?

Yes No

The applicant or any subsidiaries have any knowledge of any loss payments, fines or penalties being made on behalf of any applicant or any person proposed for coverage any cyber policy or similar insurance?

Yes No
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.

Business Insurance Quote

Contact details:


Property & Contents

Yes, please quote No, thank you

Public & Products Liability

Yes, please quote No, thank you

Cyber Liability

Yes, please quote No, thank you

Theft & Money

Yes, please quote No, thank you

Computers & electronic equipment

Yes, please quote No, thank you

Business Interruption

Yes, please quote No, thank you

Machinery Breakdown

Yes, please quote No, thank you
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.
6 years ago · by · 0 comments

Responding to a Data Breach or Cyber Attack

Mandatory data breach notification laws within Australia came into effect on 22nd February, 2018 and with new regulations come new challenges for Australian business owners and employees surrounding information security and data breach response. Many organisations are facing regular scams and cyber attacks from criminals using sophisticated methods. Claims data reflects a majority of incidents stemming from a lack of employee security awareness within the business.

As of February 22nd organisations will be required to conduct an assessment of whether an eligible data breach occurred within 30 days of becoming aware that a suspected breach has occurred. If that organisation has evidence to believe that there has been an eligible breach, it must notify The Office of the Australian Information Commissioner as soon as they are able to do so.


Responding to an attack or breach can be extremely costly as business interruption expenses escalate quickly. The average time for an Australian SME organisation to resolve a data breach or attack is 23 days. Could your business continue trading without access to client information, websites, ordering or payment processing systems? We recommend performing a  precautionary third party cyber risk review as soon as practicable.


Tips For Data Breach Response

The tips below are from a recent article by Reece Corbett-Wilkins, Associate at Norton Rose Fulbright from Insurance Law Tomorrow , which highlights five important steps to take before & after a data breach.

  1. Develop and test internal response processes to ensure that potentially notifiable incidents are identified and reported to the legal / risk management function as early as possible. Valuable time can be lost in this initial phase.
  2. Seek the assistance of external legal counsel and other service providers, where appropriate, to limit the potential exposure following an incident. External providers can advise organisations on whether remedial action can be taken to avoid the risk of harm from eventuating, which may remove the need to notify affected individuals and the Privacy Commissioner.
  3. Although affected individuals and the Privacy Commissioner must be notified where required, organisations and agencies should not adopt a strategy of notifying all incidents as a matter of course. This is not the intention of the legislation and will cause notification fatigue. On the other hand, organisations and agencies should have a sound legal basis for not notifying, after having received external legal advice where appropriate.
  4. Where an organisation or agency chooses to notify, the notification campaign should be well structured to monitor post notification liability risk from affected individuals, stakeholders and regulators. Organisations and agencies should manage their ongoing regulatory and claims risk post notification.
  5. Notify insurers as soon as possible and obtain consent from insurers before taking any key steps or incurring costs. This will ensure that cover is not jeopardised due to late notification.


How will insurers respond?

Cyber insurance providers in Australia have a panel of experts assembled to resolve your particular incident quickly and cost effectively. Assistance is available 24/7 as insurance providers understand the importance of immediately rectifying the issue and returning to business as usual. These experts consist of incident response IT investigators, forensic accountants, lawyers, public relations and crisis management consultants. Working with a team of specialists to manage the notification process helps reduce unnecessary downtime and expenses.

Dedicated claims specialists will be assigned and should regularly communicate with you to investigate and manage the situation from start to finish.

Many insurers and brokers can assist with data breach response plans however individual organisations should prepare and test a plan catering to their operational nuances. We recommend keeping a physical copy of your incident response plan on hand as past attacks have seen plans and procedures stored on the network become encrypted and inaccessible.

For more information about the notifiable data breach scheme, data breach response planning, eligible data breaches and resources, take a look at The Office of the Australian Information Commissioner website.

Cyber insurance is a cost effective way to mitigate the expenses of data breach response.

Contact Cyber Insurance Australia today for a review of your existing insurance policies and a competitive quote.

Cyber Insurance Australia Logo


Subscribe and follow Cyber Insurance Australia on Linkedin Facebook for regular updates and information.

You might also enjoy reading

Contractual Cyber Liability Insurance

Notifiable Data Breach Scheme & Cyber Insurance



Not found any comments yet.

Leave a reply

Your email address will not be published, and your website url is not required.

Take care of your business

Insurance for
your business future

Call us today for specialist business insurance packages.

Company information

Naga Risk Solutions Pty Ltd T/as Cyber Insurance Australia ABN 59 378 032 992. CAR 1250594

Authorised Representative for National Advisor Services Pty Ltd t/as Community Broker Network (CBN) ABN 60 096 916 184 | AFSL 233750

Financial Services Guide (FSG), Privacy Policy & Complaints & Dispute Handling, Insurance Brokers Code of Practice (FSG)

Contact details

E-mail address:


1300 462 923

Available 8:30am - 5:00pm

PO Box 1677, Milton LPO
Brisbane, QLD 4064

Join our monthly newsletter for:

Enter your email and stay up to date,

Subscribe to our monthly newsletter!