Small Businesses Are Not Immune To Cyberthreats

Small Businesses Cyber Threat

Small business is not immune to cyberthreats

You might think that if you run a small business, you’re mostly safe from cybercrime or ransomware attacks. After all, why would a hacker bother to target you when there are bigger fish to fry?

These days, though, no one is safe. Cyber attacks are increasing among companies of all sizes. This doesn’t mean it’s time for your staff to panic. It is, however, worth taking a moment to think about your company’s security measures and consider your insurance needs.

 

Small businesses are vulnerable these days

If you still think cyber security is only a concern for larger corporations, you need to update your thinking. The latest data shows that small businesses are just as vulnerable to data breach incidents as larger ones.

The Australian Cyber Security Centre (ACSC) recently reported on this problem, noting that because so many are unprepared for the possibility of cybercrime against their small business, an attack can be particularly devastating. This has been a more serious issue in just the last couple of years.

The ACSC reported that about 90 percent of small organisations experienced a cyber threat or data breach in 2016 of which 58 percent were successful. This is a sharp increase from prior years’ data.

 

Knowing the risks you’re up against

Once you’re aware that small companies do indeed face cyberattacks, the next element to consider is how costly the cyber risks you’re facing might be. The damage can be significant if your SME is ever attacked.

 

There can be a variety of costs that can impact a business due to a cyber attack, including:

  • IT forensic costs
  • Customer notification costs
  • Increased costs of working
  • Legal defense costs

Some customers might abandon your business if they’re worried about security, and others might demand concessions from you that cost money. All this will impact the brand reputation of the company, which is difficult to recover from after an attack.

 

Getting protection against potential losses

Cyber exposures are significant for a business, and it’s only natural to think critically about protecting your company against hackers.

A new mandatory data breach reporting scheme takes effect in Australia in Feb 2018 which will require certain companies to notify customers and the Australian Privacy Commissioner of data breaches. As a result, not just big corporations but also mid-market and smaller companies will want to buy cyber coverage to assist in managing this new regulatory requirement. Companies are becoming increasingly aware of the need to protect themselves. This is why the cyber insurance market is expected to grow dramatically.

In addition, businesses should consider how a cyber insurance policy can complement the business risk management initiatives. As part of a cyber insurance policy, insurers provide an incident response solution to assist business to recover quickly from a cyber attack.

Source: Emergence

 

Compare Cyber Insurance

 

 

Please note Cyberinsurancecomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Cyber Insurance Comparison

CGU Cyber Defence

CGU Cyber Defence

CGU Cyber Defence Product Review

CGU Cyber Defence Protects your business against cyber exposures that can impact your business from direct costs to your business, and claims from third parties. Costs associated with defending cyber claims are also covered. CGU’s incident response team is on alert and ready to take action 24/7.

Key features:

  • All subsidiaries covered including new and former subsidiaries
  • Advancement of defence costs
  • Breach Coach helps you understand what needs to be done
  • Worldwide territorial cover no matter where the attack originated from
  • Covers you for privacy breaches of data you capture and held by service providers (e.g. Cloud, ISP’s etc)
  • Free 1 Hour cyber consultation to assess risk mitigation strategies
  • 24/7 Incident response team
  • Public relations consultancy costs to protect the personal reputation of senior executives

CGU Cyber Defence at a glance

Privacy Breach

Privacy protection against third party claims for loss of;

  • Personal Information
  • Commercially Confidential Information
  • Employee Information
  • Information held by Service Providers (e.g. Cloud, ISP’s etc)
  • Defence costs covered

System Damage

Cover for lost, damaged or destroyed;

  • IT systems,
  • IT records / data
  • Includes retrieving, repairing, restoring or replacing data, systems or hardware
  • Also, includes external IT forensic or security consultants costs

Business interruption

  • Cover for loss of profits due to a Cyber Event
  • No indemnity period restriction
    • Subject to a time excess of 12 hours
  • COMPUTER VIRUS & HACKING
  • Cover for liability arising from hacker attack or virus
  • Covers loss or theft of your data or data for which you are responsible
  • Attacks by employees and third parties covered
  • Includes loss by phishing emails or Denial of Services attacks

 

Computer crime (OPTIONAL EXTENSION)

Cover for crime losses (sub limit applies) including;
– Loss of money
– Covers loss of money from Service Providers systems
– Loss caused by rogue employee or third party

Multimedia Liability

  • Protection against libel, slander or defamation
  • Cover includes infringement of copyright, trademarks & trade names
  • Covers your defence costs and third party’s costs
  • Covers all your marketing material (digital or print)

Breach Of E-Commerce Statutory Duties

  • Covers breach of statutory duty from eCommerce relating to security & management of data
  • Defence costs and compensation payable to third parties

Extortion

  • Covers payment of ransom
  • Costs of negotiating/mediating a security threat
  • Covers crisis management costs to resolve security threats

Brand protection

  • Public relations consultancy costs to protect the
    company brands.

Personal Protection

  • Public relations consultancy costs to protect the personal reputation of senior executives

Privacy Fines & Investigations

  • Cover includes fines and penalties incurred by you due to a privacy breach
  • Includes cover for your defence and investigation costs

Privacy Breach Notification & Loss Mitigation

  • Covers your breach costs including credit monitoring, identity theft monitoring, data restoration and forensic costs
  • Includes your legal costs
  • Access to call centre support services
  • Covers actual or suspected privacy breach

Reward Cover

  • Covers reward expenses to secure conviction of perpetrators of hacking attacks
  • Include payment of money or property for securing a conviction

Download a Brochure PRIcyber_defence_productoverview

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

 

 

Kochie’s Business Builders Explains Cyber Insurance

Kochie's Business Builders

Kochie’s Business Builders Explains Cyber Insurance

To help explain cyber insurance, Steadfast have partnered with Kochie’s Business Builders to produce this short explainer video.

30% of small businesses in Australia experiencing a cybercrime incident

Most cyber attacks are caused by human error the average cost of business was a huge $276,000 in 2015 with over 30% of small businesses in Australia experiencing a cybercrime incident

Why do I need it?

If your business has a website or electronic records, you’re vulnerable to cyber hackers. In fact, it’s likely that your business will suffer a cyber attack at some stage. A cyber attack could cost your business more than money. It could also threaten your intellectual property and put customers’ personal information at risk – which could damage your reputation.
Kochie's Business Builders
What usually isn’t covered?

Exclusions and the excess you need to pay can vary greatly depending on your insurer. Policies generally won’t include cover for:

  • Damage to computer hardware
  • Criminal actions committed by you or your business
  • A cyber attack based on facts of which you were aware
  • Criminals using the internet to steal money from you

Compare Cyber Insurance Quotes from leading Australian Insurers like AIG, Allianz, Brooklyn Underwriting, CGU, Chubb, Dual, Emergence and Zurich.

 

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

3 steps you can take to manage cyber risk

Manage cyber risk

Manage cyber risk

Internet usage continues to rise across the globe. Along with this, comes an increase in cyber-crime, which according to a report by Mcafee, is estimated to have cost the global economy USD$445 billion in 2013 . In Australia, the cost is estimated at 0.08% of GDP per year, or approximately AUD$1.28 billion. The Mcafee report attributes this partly to the fact that, ‘Cybercrime produces high returns at low risk and (relatively) low cost for the hackers.’

In addition to taking out cyber insurance, businesses can proactively mitigate the cyber risk and a cyber-attack by undertaking a range of measures including:

  • Implementing business-wide cyber-risk management
  • Seeking external specialist advice
  • Identifying the type of data that needs to be secured

Don’t just leave Cyber Risk to IT

Cyber-risk management should not only be considered the domain of the IT department. It affects the entire business and from the board down, the business needs to think about how to manage that risk and how to develop contingency plans if something does go wrong.

Seek external specialist advice
The increasing variety and sophistication of cyber-crimes mean that independent specialist external advice on securing systems is essential for businesses. It is very rare that a business will have sufficient internal resources to address this problem fully both prior to and certainly following the loss.

Identify the type of data that needs to be secure
Firms should conduct an audit of their network to ensure sensitive records have an appropriate level of security. Companies in the business of dealing with sensitive financial that hold personal information including name, address, date of birth – the very kind of data that could be the target of an attack.

 

Cyber Insurance

Allianz currently offers cyber insurance for the top end of the market through AGCS and we are working on the release of a cyber insurance product tailored specifically to the needs of SME customers. We expect to make it available to the market by the end of the year.
1 Reference

Source allianzinsight.com.au

Speak to one of Insure 247’s brokers on 1300 046 787

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrant the accuracy of any information contained therein, readers should make their own inquiry’s before relying on information in the stories Terms of Service

Cyber Insurance Comparison

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation, and needs

Cyber Risk

 

Zurich – the ins and outs of cyber risks

Zurich Cyber Risk

Cyber risks

Zurich Cyber Insurance

Cyber insurer Zurich‘s Global Head of Special Lines Lori Bailey has published an article outlining the ins and outs of cyber risks.

See where cyber risks originate, how they accumulate and how they can derail mission critical aspects at every level of your business.

kh-image-the-ins-and-outs-of-cyber-risks

The consequences of cyber risks can disrupt critical business infrastructure and derail productivity at the operational level. Here’s a complete look at where they originate, what they target and their consequences.

Cyber Risk Sources

  • Human error accounts for 52 percent of cyber breaches, according to a study by CompTIA.
  • Creating resilience to cyber risks requires focus on educating and training employees

kh-image1-the-ins-and-outs-of-cyber-risks

CyberRisk Targets

  • Indirect targets of cyber encroachments are as significant as direct targets.
  • Access to financial information, for example, could put at risk the financial information of a private company that is a customer.
  • This underscores the need for a holistic view of cumulative cyber risks.

kh-image2-the-ins-and-outs-of-cyber-risks

CyberRisk Consequences

  • The consequences of cyber risks are not limited to lost data.
  • Transactions can fail; supplies or products can be misdirected.
  • Manufacturing can be halted or output faulty goods; safety issues can cause injuries.
  • Dissatisfied customers can turn elsewhere.

kh-image3-the-ins-and-outs-of-cyber-risks

Source: Zurich

Speak to one of Insure 247’s brokers on 1300 046 787

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrant the accuracy of any information contained therein, readers should make their own inquiry’s before relying on information in the stories Terms of Service

Cyber Insurance Comparison

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation, and needs

 

Insure Against Cyber Risk

In our continuing series on Cyber Risk, we thought it would be interesting to see what the potential cyber risk is with the new Australian Privacy Principles and its implications for small business.

Are we prepared

90 % of private companies don’t have insurance against cyber risk,  that’s one of the findings in Chubb 2013 Private Company Risk Survey. That means the uninsured companies will have to foot the bill if the are found liable for loss as a result of cyber crime, or data breach.

So if your cloud computing company is breached you may find your self ultimately liable for the loss of data .

Australian Privacy Principles

The National Privacy Princibles (NPP) will be replaced by the Australian Privacy Principles (APPs) on 12 March 2014 the change includes civil penalty regime for breaches of privacy. Click here for a copy of the privacy fact sheet

APP Privacy principle  8—cross-border disclosure of personal information, will require your clients information held on servers in countries is at least substantially similar to the way in which the Australian Privacy Principles protect the information.

Where is your data held? And how does your cloud company protect it?

You could simply call Salesforce, Google, Jive Software, Demandware or Xero and ask which country your data is stored in or backed up in, as long as that country meets the similar privacy standard to Australia your fine.

Steps that may help your company

  • Develop an Incident Response Plan (IRP)
  • Encrypt Portable devices
  • Assess cloud services providers’ data security
  • Get Cyber Liability Insurance

If you are still unsure, speak to a specialist, get them to review your potential risks and possible mitigation.

Steve Sloan
steve-sloan-insure247

Steve is a licensed insurance broker and marketer. He is an internet insurance pioneer in Australia.

Cyber Risk Trends

Where is your exposure
Cyber Threat

Any advice that may have been given is general advice only, please be aware that we have not taken into consideration your needs, objectives or financial requirements. Before deciding to purchase a financial product you should consider the appropriate Product Disclosure Statement to ensure the product is suitable for your needs.

First Published on GreatChoice

Cyber Insurance – Know The Risk

Almost 70% of Australian and New Zealand Businesses have experienced a Cyber Attack in the last 12 months

What is a cyber attack?

Cyber Insurance – Know The Risk

[pardot-form id=”489″ title=”Cyber Insurance”]

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Payment Card Industry Data Security Standard

What is PCI DSS (Payment Card Industry Data Security Standard)?

If your business handles clients credit cards, via eftpos, batch payments, on-line shopping carts or even storing clients payment details, you have a responsibility to keep that information safe.

The best way to maximize security of cardholder data is to continuously monitor and enforce the use of controls specified in the Payment Card Industry Data Security Standard.

The Payment Card Industry Data Security Standards (PCI-DSS) are a set of guidelines developed by MasterCard, Visa, American Express, Discover and JCB International to assist merchants in preventing payment card fraud and to improve security around processing and storing payment card details. Any company processing, storing or transmitting the above branded payment card numbers must be PCI-DSS compliant or they risk losing the ability to process these payments.

Click here for more details 

Specific questions about compliance validation levels and what you must do to validate should be directed to your acquiring financial institution or payment card brand.

Learn more:

[pardot-form id=”489″ title=”Cyber Insurance”]

Payment Card Industry Data Security Standard

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs