In our current world it is vital for us to utilise computers to log on to public and private networks as part of our day to day lives.
Cyber-attacks are becoming more commonplace and more sophisticated than ever before. Cyber Risks are a very real threat to all companies that store personal data, rely on telephone and computer networks, that hold information digitally or uses the internet. These risks apply to most businesses. Recent changes to Australian Privacy laws and the use of cloud computing, social media as well as corporate bring your own device policies have highlighted the need to have Insurance protection for data security breaches and cyber-attacks.
Cyber risks are faced not just by those undertaking transactions over the internet, but also by companies that store personal data, are reliant on computer or telephone networks, holds digital information or merely uses the internet. In short, just about every business is faced with these new exposures.
- About 14% of Australian businesses experience IT security incidents each year.
- From Cybercrime alone, estimates of losses to Australian businesses place the cost to be in excess of $595 Million. 1
- Half of all companies that suffer data breaches from a cyber-attack have fewer than 1,000 employees.
- In Australia alone in 2010 – 2011 2.95 million cyber-attacks were detected, originating mainly from Canada, the US and China. 2
Meanwhile, there is growing attention afforded to privacy rights, particularly after the media phone hacking scandals in the United Kingdom which forced a long standing newspaper to close its doors. For instance, the Commonwealth Government is currently considering a recommendation to introduce a statutory course of action for serious invasions of privacy. Australia already has significant privacy protections in place under the Privacy Act 1988 (cth).
Further, the Australian Privacy Commissioner has recently signed a tough new approach to dealing with serious privacy breaches, indicating a preparedness to use its powers under the Privacy Act to direct how privacy complaints are resolved, and to publish its investigation reports.
Anyone that stores personal identifiable information is exposed to data breaches. Data breaches may occur from a hack, a disgruntled employee or even a lost laptop.
Claims occur regardless of the high level of care being provided and Cyber claims can be financially devastating for the accused through extensive disruption to business.
Why do I need Cyber Liability Insurance?
Anyone with a website has the legal liabilities of a publisher. Traditional liability products do not cover Internet exposures. Neither do traditional property insurance products. In many instances the policies do not have terms and conditions “broad enough” to include the many and varied types of losses which result in cyber space. Loss of digital assets including access to internet and websites, customer data is not a “physical loss” as contemplated by the majority of property policies.
Covers Available under a Cyber Policy
- Data Liability – including Personal Data, Corporate Data, Outsourcing as well as Network Security
- Business / Network Interruption – This covers the loss of net profit as a result of a Material Interruption to the Insured’s network, after a denial of service attack or network security breach
- Multimedia Liability – Covers the damages and defence costs incurred in connection with a breach of third party intellectual property, or negligence in connection to electronic content
- Cyber/ Privacy Extortion – Covers ransom payments to third parties incurred in terminating a security threat.
 The Australian Business Assessment of Computer User Security: a national survey, Australian Institute of Criminology Research & Public Policy Series 102
 Chubb Insurance Company of Australia