Cyber insurance (also known as cyber liability insurance) was unheard of 15 years ago. But as we’ve evolved into a digital society, and our reliance on digital assets has grown, cyber crime has become more and more prevalent. On a daily basis the headlines report the names of large organisations that have fallen victim to cyber-attacks such as phishing, hacking, and ransomware. Scammers have increasingly focused their efforts towards smaller organisations.1 This could be due to a lack of sophistication in cyber security systems and technology to protect against threats. More recently, scammers have increasingly focused their efforts towards smaller organisations, as well as NFP’s and charities, honing in on the lack of sophisticated systems and technology they have to protect against threats.
Cyber insurance is designed to protect businesses and individual users from internet-based risks, and more generally from risks relating to information technology infrastructure and activities. Here are the main reasons you might want to consider taking out Cyber insurance and what it can help to cover:
A cyber crime can put a small business out of business
Hackers are increasingly targeting smaller organisations, not for profits (NFP’s) and charities as their data security tends to be less advanced than that of larger businesses. The impacts can be devastating, in fact, around 1 in 5 small organisations that were breached by the 2017 Ransomware attacks could not continue operating from the impacts of this attack.2 As an NFP or charity, the information you store can be extremely sensitive, so if this fell in the wrong hands, the impact to your organisation could be significant.
Every piece of information you hold is valuable
As an NFP, your relationship with your donors is based on trust – you receive donations because your donors trust you will use their money towards the right cause, so if they feel they can’t trust you with their personal information, they probably won’t trust you with their money. You might store personal information digitally or have a payment processing system to accept donations or offer ticketing online and all these digital systems could be vulnerable to cyber-attacks. If your organisations computer was hacked, it would mean access could be gained to private information like addresses, emails, financial information, and credit card details of your donors. Even if you feel the data you hold isn’t highly sensitive (for example, if you don’t hold credit card details), it’s not necessarily about the data being useful to the hacker, but how the data and records are useful to your organisation, and whether you could function without them.
Firewalls and IT teams aren’t foolproof
Firewalls, a quality IT team and antivirus protection are all great strategies around data protection, but they are not the silver bullet.
Companies like Yahoo, JP Morgan Chase, eBay and Target Stores with large IT teams, and robust IT systems have experienced data and security breaches, resulting in significant financial losses into the millions, as well as reputational damage to their business. Furthermore, almost 20% of reported system breaches in 2018 were as a result of human error, so even your staff members or volunteers opening a phishing email could put you at risk.3
What does Cyber Insurance cover?
Cyber insurance provides cover for first and third party exposures in relation to cyber or privacy events that impact your business. It provides your business with a structured crisis response plan to mitigate further loss and assists with returning to ‘business as usual’. Aon Cyber Insurance can include cover for costs to restore/recreate data, business interruption, notification costs and credit monitoring services and forensic and accounting investigation expenses .
For more information on Aon Cyber Insurance visit the Aon website or speak to a representative from our NFP team on 1800 123 266.
© 2019 Aon Risk Services Australia Limited ABN 17 000 434 720 AFSL No. 241141 (Aon)
Aon has taken care in the production of this document and the information contained in it has been obtained from sources that Aon believes to be reliable. Aon does not make any representation as to the accuracy of the information received from third parties and is unable to accept liability for any loss incurred by anyone who relies on it. The recipient of this document is responsible for their use of it.
The information contained in this article is general in nature and should not be relied on as advice (personal or otherwise) because your personal needs, objectives and financial situation have not been considered. Before deciding whether a particular product is right for you, please consider your personal circumstances, as well as the relevant Product Disclosure Statement (if applicable) and full policy
terms and conditions available from Aon on request. All representations in this article in relation to the insurance products we arrange are subject to the full terms and conditions of the relevant policy.
Please contact us if you have any queries.
1. https://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-cyber-security-guide.pdf
2. https://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-cyber-security-research-report.pdf
3. https://www.chubb.com/au-en/articles/australia-sme-cyber-preparedness-report-2019.aspx
