Data breach notification statistics ‘frightening’ Insurer

Notifiable data breaches

Data breach notification statistics ‘frightening’ according to Emergence

The Office of the Australian Information Commissioner (OAIC) has released its first quarterly report into notifiable data breaches, which shows 63 reported breaches since the scheme began on 22 February 2018.

That means in only its first 38 days, the scheme is averaging more than two notifications every business day.

Gerry Power, National Head of Sales for cyber insurance specialist underwriting agency Emergence, says the statistics are “frightening”.

OAIC’s figures show health service providers made the most notifications, at 15; followed by legal, accounting and management services, 10; finance, including superannuation, eight; education, six; and charities, four.

The figures are consistent with Emergence claims data that show the accounting industry is a major target for cyber theft.

Human Error a threat

Human error was responsible for 32 of the notifiable data breaches (NDB) reported; malicious or criminal attacks, 28; and two were system errors.

Gerry said the high rate of NDBs in only 38 days of the scheme’s operation highlighted the need for cyber insurance.

Emergence’s cyber policy gives insureds 24/7 access to an incident response team of experts who understand the importance of immediately mitigating potential threats to insureds’ businesses.

The Emergence solution also manages reporting data breaches to OAIC, any subsequent regulatory investigations, and costs associated with communicating data breaches to affected individuals.

A cyber insurance policy is part of every successful business’s risk management framework. Cyber insurance is not the first line of defence; it is designed to protect a business when its IT security, policies and procedures fail to stop an attack.

Emergence is a pioneer of cyber cover in Australia and provides protection for SMEs through to ASX-listed entities. It is a cyber specialist, focusing all its efforts on risk management and fine tuning its policy to provide top-level protection.

Gerry warned the NDB scheme meant companies could not keep silent on data breaches and hope for the best because notification to OAIC was now mandatory. Your clients need to understand the risks and they need protection.

Emergence’s Cyber Event Protection package gives your clients financial support and incident response expertise to recover from adverse events, including ransomware attacks, point-of-sale intrusions, denial-of-service attacks and cyber espionage.

 

Compare Cyber Insurance

Cyber Insurance Comparison

 

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

 

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

No business too small to face cyber attack risk

cyber attack risk

No business too small to face cyber attack risk

Your a small business owner and may not consider yourselves prime targets for cyber attacks.

You may assume big companies have more information to steal and more profits to siphon off, so they’re targeted most often by criminals online. In reality, the opposite is often true.

Everyone can be a cybercrime target – even SMEs – and the onus is on SME owners to stand up to the cybercrime epidemic, spread awareness and do their part to prevent incidents. That process begins with simply admitting the problem exists.

If your hit by cybercriminals, it can be costly.

Research has shown 60% of hacked SMEs are out of business in six months. That’s no surprise, given how devastating attacks can be, and illustrates the need for business leaders to be open and honest about the dangers.

Protect Your Data

• Are all software licenses up to date and antivirus updates enabled? Outdated software can expose businesses to potential attacks and trigger loss of clients’ personal information, leading to brand damage and rectification costs.

• Do you regularly review information stored internally? If old files are saved on local machines, ensure sensitive information, such as payment processing data or confidential trade secrets, is secure.

• Plan ahead. No one likes to think about a cyber attack hitting their business but, if and when it does, you need to be ready. You need to know how to sustain operations even if data access is disrupted and act quickly to prevent distressed customers or lost revenue after an attack.

• Do you involve all the workforce? No business leader can prevent cybercrime incidents alone. It’s a team effort. If someone is left out of the cybersecurity planning process, that weak link might leave the organisation vulnerable. Your employees are the last line of defense. The most successful companies at preventing cyber losses lead from the top and educate their employees.

Find the insurance coverage they need

A cyber insurance policy is part of every successful business’s risk management framework. Cyber insurance is not the first line of defense; it is designed to protect a business when its IT security, policies, and procedures fail to stop an attack.

Protection becomes more important as Australia introduces the new notifiable data breaches scheme, which starts on 22 February 2018.

Gerry Power, National Head of Sales at Emergence Insurance, says cyber insurance is designed to support businesses by providing an incident response team to help clients who suffer cyber events.

 

Compare Cyber Insurance

Cyber Insurance Comparison

 

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

 

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

 

Kochie’s Business Builders Explains Cyber Insurance

Kochie's Business Builders

Kochie’s Business Builders Explains Cyber Insurance

To help explain cyber insurance, Steadfast have partnered with Kochie’s Business Builders to produce this short explainer video.

30% of small businesses in Australia experiencing a cybercrime incident

Most cyber attacks are caused by human error the average cost of business was a huge $276,000 in 2015 with over 30% of small businesses in Australia experiencing a cybercrime incident

Why do I need it?

If your business has a website or electronic records, you’re vulnerable to cyber hackers. In fact, it’s likely that your business will suffer a cyber attack at some stage. A cyber attack could cost your business more than money. It could also threaten your intellectual property and put customers’ personal information at risk – which could damage your reputation.
Kochie's Business Builders
What usually isn’t covered?

Exclusions and the excess you need to pay can vary greatly depending on your insurer. Policies generally won’t include cover for:

  • Damage to computer hardware
  • Criminal actions committed by you or your business
  • A cyber attack based on facts of which you were aware
  • Criminals using the internet to steal money from you

Compare Cyber Insurance Quotes from leading Australian Insurers like AIG, Allianz, Brooklyn Underwriting, CGU, Chubb, Dual, Emergence and Zurich.

 

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

How can I protect myself against the WanaCry Ransomware?

Ransomware

WanaCry Ransomware

To best avoid infection of this sort we advise that the following steps are taken to maximise your system protection.

How can I protect myself against the WanaCry Ransomware?

You can protect yourself against the ransomware in the following ways:

  • Ensure you have a valid corporate Antivirus subscription
  • Ensure your Antivirus is up to date
  • Ensure that port 445 is closed on your network
  • Ensure you are up to date with all Microsoft updates on your server and workstations
  • Back up your data with an external hard drive or to the cloud

Please contact your local IT Support if you are unsure if you are protected, or may have the ransomware on your computer.

Need Cyber Insurance?

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrant the accuracy of any information contained therein, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Australian cyber threat to the private sector

Cyber Threat

The Cyber Threat to Australian Business may be larger than first thought with many Australian businesses refusing to report breaches due to concerns the disclosure may adversely affect their reputation or create legal or commercial liabilities.

In the second of the Australian Cyber Security Centres cyber threat report

Extract from  ACSC Threat Report 2016:

Australian industry is persistently targeted by a broad range of malicious cyber activity, risking the profitability, competitiveness and reputation of Australian businesses. The spectrum of malicious cyber activity ranges from online vandalism and cybercrime through to the theft of commercially sensitive intellectual property and negotiation strategies.

The ongoing theft of intellectual property from Australian companies continues to
pose significant challenges to the future competitiveness of Australia’s economy. In
particular, cyber espionage impedes Australia’s competitive advantage in exclusive
and profitable areas of research and development – including intellectual property
generated within our universities, public and private research firms and government
sectors – and provides this advantage to foreign competitors.

The ACSC’s visibility of cyber security incidents affecting industry and critical infrastructure networks is heavily reliant on voluntary self-reporting.
Some companies may be hesitant to report incidents to the government due to concerns the disclosure may adversely affect their reputation or create legal or commercial liabilities. For example, in some cases victim organisations have sought legal advice before reporting an incident.

Many cyber security incidents across the private sector are undetected or unreported. Increased reporting of cyber security incidents by the private sector would subsequently increase the ACSC’s knowledge of cyber adversaries who target Australian industry and critical infrastructure, and the methods they employ. This knowledge would further enable the development of cyber security advice and mitigation strategies.

The ACSC is making a dedicated effort to engage industry on cyber threats and associated mitigation strategies through a process of sustained engagement. However, the private sector’s ability and willingness to recognise the extent of the cyber threat and to implement mitigation strategies varies considerably across and within sectors. Generally, companies that have been extensively targeted or compromised are more likely to view the business risks associated with the cyber threat as sufficient to warrant investment in cyber security.

Those without direct experience of being targeted or a victim may not be aware of the potential economic harm malicious cyber activity can cause their businesses, do not
understand the value of the data they hold, and cannot conceive why they would be targeted.

 

Australian Cyber Threat

Between July 2015 and June 2016, CERT Australia responded to 14,804 cyber security incidents affecting Australian businesses

Between July 2015 and June 2016, CERT Australia responded to 14,804 cyber security incidents affecting Australian businesses, 418 of which involved systems of national interest (SNI) and critical infrastructure (CI).

CERT Australia relies heavily on the voluntary self-reporting of cyber security incidents from a wide variety of sources throughout Australia and internationally and therefore does not have a complete view of incidents impacting Australian industry.

Sources: www.acsc.gov.au

Need Cyber Insurance?

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

 

Cyber crime and your small business

Cyber Crime

It might be easy to dismiss cybercrime as completely irrelevant to your business on account of its small nature — who would actually take the time to exact a cybercrime against your small business when they could be hitting the big leagues, right?

The reality is that cyber crime is believed to cost Australian businesses — of all sizes — around $4.5 billion a year, but despite that, so few businesses are insured against it.
In fact, small businesses have been the slowest to protect against cyber crime, making them more vulnerable to the threat.

When you consider that almost all businesses have an internet presence or make use of the internet in their everyday business dealings, it becomes pretty clear that cybercrime presents a risk to even the smallest businesses.

Pretty much every business — be it big or small — will be reliant on data to some extent. Such data can include employee profiles, private corporate information, any identifying numbers (like Medicare and driver’s license numbers), and information of a personal nature about customers, budget details, and credit card information. The consequences of such data being breached and made public can be wide-ranging.

So, let’s have a look at cybercrime and insurance a little further so that you can make a more informed decision about whether or not it’s worth looking into for your business.

What is a cybercrime?

In basic terms, cybercrime is a blanket term for any type of activity of a criminal nature that is carried out using a computer and/or the internet.

Cybercrime includes all of the following:

  • Identity theft
  • Cyberstalking
  • Use of malware
  • Use of viruses
  • Computer and network hacking
  • Online scams
  • Phishing scams
  • Fraud
  • Information theft
  • Extortion

When you consider that almost all businesses have an internet presence or make use of the internet in their everyday business dealings, it becomes pretty clear that cybercrime presents a risk to even the smallest businesses. Criminals don’t necessarily need to hack your systems to commit cybercrime; if they manage to get their hands on a laptop, iPad or mobile phone belonging to your business (either because it has been stolen or left unattended), they have easy access to your information and are able to more easily commit their crimes.

How will cybercrime affect my business?

The ways in which cybercrime can affect your business are actually a lot more expansive than one may have initially thought and are usually not contained to a defined period of time; rather, the effects tend to be ongoing and costly.

Beyond the general business interruption, a breach of data that results in personal information of customers or employees being made public can result in significant fines, legal fees, and costs associated with investigating the breach and notifying customers of the potential effects it may have on them.

Consider also the loss of business. Your existing customers are unlikely to continue being your customers if their personal information becomes public — and even if a cybercrime committed against your business doesn’t directly affect them, the fact any crime was able to be committed at all will leave them feeling uneasy.

A cybercrime against your business could also affect your reputation and drive away potential customers who may think twice about dealing with you given your company’s cybersecurity shortcomings.

Can’t software keep my business safe from a cyber attack?

Yes, there are certain things you can do to help minimise the risk of a cyber attack and these things include all of the following:

  • Reputable anti-virus programs
  • Secure data back-up
  • Firewall technology
  • Data encryption
  • Laptop and mobile security
  • Adequate social media policies

If all of this sounds like gibberish to you, don’t feel bad. The reality is that most businesses aren’t aware of the extent to which they need to have such things in place to protect themselves and their information, which often leaves them incredibly vulnerable to cybercriminals.

And, unfortunately, even if you do have all the right systems and software in place, your business is still at risk — particularly if your business involves the collection of customer information, including personal, credit card and bank details.

What does cyber insurance cover?

Although policies will vary between insurers, a typical cyber insurance policy is designed to help you with both preventing breaches in the first place and dealing with them if and when they occur. Cyber insurance policies usually include the following:

  • The cost of restoring or recreating electronic data following a breach or leak
  • Forensic services to investigate a breach
  • PR coaching in the event a breach harms your business’s reputation
  • Assistance guarding against data breaches, hacking and employee error
  • Guidance on how to respond to a breach
  • Funds to cover the adverse financial effects related to a breach
  • Funds to cover any fines that might be payable following a breach

Small businesses have been the slowest to protect against cyber crime, making them more vulnerable to the threat.

Source Steadfast

Speak to one of Insure 247’s brokers on 1300 046 787

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Cyber Insurance Know Cyber Risk

Cyber Risk

cyber-risk

Cyber Insurance Know Cyber Risk

We live in a modern, connected world and from our computers at work, to our laptops, tablets, phones and even our TVs, we’re vulnerable online.

While it’s easy to think you would never be the victim of a cyber-attack, studies are showing that it is happening more and more every day, which is why we’ve put together these resources on how you can protect yourself, your family and even your business online.

Trolls and Trojans – thievery in the digital age

In the vast world of the online there are things you need to do to keep your information safe.

Cyber Insurance

Did you know that almost seventy per cent of Australian businesses have experienced a cyber-attack in the last 12 months? With technology being so important to the way we work and with more attacks predicted in the near future, cyber insurance isn’t just a nice-to-have, it’s a necessity.

Cyber insurance for small businesses

Information for small business owners on cyber risk and cyber insurance.

Privacy and your business

Some information on how the new Privacy Act will affect your business.

5 ways to protect yourself online

Some helpful hints to protect your personal information when online.

7 Ways to hack proof your password

Here are seven tips on how to make your internet passwords stronger.

Learn how to keep track of your digital footprint

Information on how to protect yourself online.

Don’t put up with cyberbullying

Info on how to beat the cyber bullies.

How can you keep your kids safe online?

Information on how to keep your children safe from online predators.

10 Silly things people do with their smartphones

How many silly things do you do with your smartphone?

BYOD is not just a BBQ buster

Tips on how to prevent security issues with your mobile device.

Five tips to protect yourself from webcam hackers

Stop hackers from breaking into your home while not even there.

Social media – it’s harmless…right?

The pitfalls of social media, and how you should protect your privacy.

Cyber Security. Evolved.

This short video highlights how in less than 300 seconds you can experience the speed and intensity of a cyber attack.

Other resources cyber risk

Find more information on cyber security at:

Source knowrisk.com.au

Do you need to know more about Cyber Insurance speak to one of Insure 247’s brokers on 1300 046 787

1300-Insure

Cyber Risk

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Identity Theft – Know the Perpetrators

Identity Theft – Know the Perpetrators

Remember that awful Sandra Bullock movie? No, not Speed 2 – although that was outrageously bad. We’re talking about The Net. It’s a film from the nineties about a computer programmer that stumbles on a government conspiracy and has her identity stolen and replaced. Sure, the technology is laughably out of date – it was filmed in 1995 – but it was one of the first films to deal with technology-based identity theft.

About Identity Theft

Identity theft is growing at a rate of about 15-20 per cent each year, which means every one of us could be a potential victim, regardless of our age, nationality or status. Financial loss is only a part of how identify theft can affect you; there’s also the risk of reputational damage or damage to your credit rating which could take months and sometimes years to repair.

Know the Perpetrators

But who are the people behind these unseen crimes? Who are you at risk from? This infographic by Hotspot Shield shines the light on three types of crooks behind identity theft and shows us their nefarious methods of obtaining your personal information and how you can limit your risk of becoming the next victim of identity theft.

Source: knowrisk.com.au

identity-theft-infographic_small

Speak to one of Insure 247’s brokers on 1300 046 787

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

3 steps you can take to manage cyber risk

Manage cyber risk

Manage cyber risk

Internet usage continues to rise across the globe. Along with this, comes an increase in cyber-crime, which according to a report by Mcafee, is estimated to have cost the global economy USD$445 billion in 2013 . In Australia, the cost is estimated at 0.08% of GDP per year, or approximately AUD$1.28 billion. The Mcafee report attributes this partly to the fact that, ‘Cybercrime produces high returns at low risk and (relatively) low cost for the hackers.’

In addition to taking out cyber insurance, businesses can proactively mitigate the cyber risk and a cyber-attack by undertaking a range of measures including:

  • Implementing business-wide cyber-risk management
  • Seeking external specialist advice
  • Identifying the type of data that needs to be secured

Don’t just leave Cyber Risk to IT

Cyber-risk management should not only be considered the domain of the IT department. It affects the entire business and from the board down, the business needs to think about how to manage that risk and how to develop contingency plans if something does go wrong.

Seek external specialist advice
The increasing variety and sophistication of cyber-crimes mean that independent specialist external advice on securing systems is essential for businesses. It is very rare that a business will have sufficient internal resources to address this problem fully both prior to and certainly following the loss.

Identify the type of data that needs to be secure
Firms should conduct an audit of their network to ensure sensitive records have an appropriate level of security. Companies in the business of dealing with sensitive financial that hold personal information including name, address, date of birth – the very kind of data that could be the target of an attack.

 

Cyber Insurance

Allianz currently offers cyber insurance for the top end of the market through AGCS and we are working on the release of a cyber insurance product tailored specifically to the needs of SME customers. We expect to make it available to the market by the end of the year.
1 Reference

Source allianzinsight.com.au

Speak to one of Insure 247’s brokers on 1300 046 787

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrant the accuracy of any information contained therein, readers should make their own inquiry’s before relying on information in the stories Terms of Service

Cyber Insurance Comparison

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation, and needs

Cyber Risk

 

10 types of cyber attacks

cyber attacks

10 types of cyber attacks

The following cyber attacks, are examples of how cyber crime can affect your business. Cyber attacks are estimated to costs Australians more than $1 billion a year.

Point of Sale (POS) intrusions Point of Sale (POS) intrusions

Where retail transactions are conducted, specifically where card – present purchases are made.

Cyber Extortion Cyber Extortion

Crime involving an attack or threat of attack against your IT infrastructure , couple with demand for money to stop the attack.

Miscellaneous Errors Miscellaneous Errors

People make mistakes! Unintentional actions directly compromised a security attribute of an information asset.

Cyber Espionage Cyber Espionage

Unauthorised network or system access linked to state affiliated actors and / or exhibiting the motive of espionage.

Denial of Service Denial of Service

Intended to compromise the availability of networks and systems. Includes both network and application layer attacks.

Physical Theft and Loss Physical Theft and Loss

Any incident where an information asset went missing, whether through misplacement or malice.

Insider and Privilege Misuse Insider and Privilege Misuse

Any unapproved or malicious use of organisations resources. Mainly insider misuse or external (through collusion)

cyber-claims Web App Attacks

This includes exploits of a code – level vulnerabilities in the application as well as thwarting authentication mechanisms.

Payment Card Skimmers Payment Card Skimmers

Where a skimming device is physically implanted on an asset that reads magnetic stripe data from a payment card

Crimeware Crimeware

A form of malware. Primary goal is to gain control of systems to steal credentials

Source Emergence Cyber Insurance

Does your Cyber Insurance cover all these events?

Speak to one of Insure 247’s brokers on 1300 046 787

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs