Australian cyber threat to the private sector

Cyber Threat

The Cyber Threat to Australian Business may be larger than first thought with many Australian businesses refusing to report breaches due to concerns the disclosure may adversely affect their reputation or create legal or commercial liabilities.

In the second of the Australian Cyber Security Centres cyber threat report

Extract from ACSC Threat Report 2016:

Australian industry is persistently targeted by a broad range of malicious cyber activity, risking the profitability, competitiveness and reputation of Australian businesses. The spectrum of malicious cyber activity ranges from online vandalism and cybercrime through to the theft of commercially sensitive intellectual property and negotiation strategies.

The ongoing theft of intellectual property from Australian companies continues to pose significant challenges to the future competitiveness of Australia’s economy. In particular, cyber espionage impedes Australia’s competitive advantage in exclusive and profitable areas of research and development – including intellectual property generated within our universities, public and private research firms and government sectors – and provides this advantage to foreign competitors.

The ACSC’s visibility of cyber security incidents affecting industry and critical infrastructure networks is heavily reliant on voluntary self-reporting.
Some companies may be hesitant to report incidents to the government due to concerns the disclosure may adversely affect their reputation or create legal or commercial liabilities. For example, in some cases victim organisations have sought legal advice before reporting an incident.

Many cyber security incidents across the private sector are undetected or unreported. Increased reporting of cyber security incidents by the private sector would subsequently increase the ACSC’s knowledge of cyber adversaries who target Australian industry and critical infrastructure, and the methods they employ. This knowledge would further enable the development of cyber security advice and mitigation strategies.

The ACSC is making a dedicated effort to engage industry on cyber threats and associated mitigation strategies through a process of sustained engagement. However, the private sector’s ability and willingness to recognise the extent of the cyber threat and to implement mitigation strategies varies considerably across and within sectors. Generally, companies that have been extensively targeted or compromised are more likely to view the business risks associated with the cyber threat as sufficient to warrant investment in cyber security.

Those without direct experience of being targeted or a victim may not be aware of the potential economic harm malicious cyber activity can cause their businesses, do not understand the value of the data they hold, and cannot conceive why they would be targeted.

 

Australian Cyber Threat


Between July 2015 and June 2016, CERT Australia responded to 14,804 cyber security incidents affecting Australian businesses, 418 of which involved systems of national interest (SNI) and critical infrastructure (CI).

CERT Australia relies heavily on the voluntary self-reporting of cyber security incidents from a wide variety of sources throughout Australia and internationally and therefore does not have a complete view of incidents impacting Australian industry.

Sources: www.acsc.gov.au

Need Cyber Insurance?

Compare Cyber Insurance

1300-Insure

Please note: Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties. Insure 247 Australia doesn’t warrant the accuracy of any information contained therein; readers should make their own enquiries before relying on information in the stories. Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

 

If Hackers Steal Data Who Pays

It’s Just Hackers

In 2014 hackers stole data from Yahoo, taking the personal details of 500 million users, including names and emails as well as “unencrypted security questions and answers”.

The breach damaged trust in the brand and required Yahoo to publicly disclose the cyber-breach and advise all its users to change their passwords.

However, not all users changed their password and some are still reporting loss of data.

The Cost of a Cyber Breach*

The costs of a data leak or data loss are rapidly accruing, with the total average cost per data breach within Australia now sitting at $AUD2.82 million, according to a 2015 study from IBM and Ponemon Institute. Moreover, the average cost per lost or stolen record has reached $AUD144, while the average number of breached records per incident is just under 20,000.

 

But I don’t have that many clients

The high-profile breaches recently included MySpace (359 million), LinkedIn (164 million) and Adobe (152 million); however, the hacking of a Gold Coast doctor in 2012 cost $4000.

Report a cyber incident

The Australian Signals Directorate (ASD) provides government with a greater understanding of cyber threats, and the coordination of whole-of-government operational responses to cyber incidents. The Cyber Security Incident Reporting (CSIR) scheme assists ASD with this role.

The Australian Government Information Security Manual (ISM) states agencies must report cyber security incidents to ASD. Cyber security incident reports are the basis for identifying and responding to cyber security incidents across government.

Reporting cyber security incidents helps ASD to develop a threat environment picture for government systems, and assist other agencies who may also be at risk. Cyber security incident reports are also used for developing new policies, procedures, techniques and training measures to help prevent future incidents.

The types of cyber security incidents agencies should report to ASD include:

  • suspicious or seemingly targeted emails with attachments or links
  • any compromise or corruption of information
  • unauthorised access or intrusion into an ICT system
  • data spills
  • theft or loss of electronic devices that have processed or stored Australian government information
  • intentional or accidental introduction of viruses to a network
  • denial of service attacks
  • suspicious or unauthorised network activity.

To report a cyber incident:

Sources: http://www.asd.gov.au/infosec/reportincident.htm *http://www.cso.com.au/


Zurich's Digital Resolve Response


Zurich’s Digital Resolve Response: what is it?

Insurers are busy preparing for an explosion in cyber insurance clients, but with clients come claims, and for some clients the insurer’s response to an event will set the standard.

One cyber insurer, Zurich, has put together a team of specialist companies to form a panel of first responders to a cyber event. These specialists cover legal, PR, digital forensics, incident response, security sciences, investigation, eDiscovery and due diligence.

What is DigitalResolve and how does it work

It can help to:

  • Locate and rectify the source of cyber attacks, failures or breaches
  • Protect businesses from further attacks or disruptions
  • Assess financial losses
  • Protect a business’s brand/reputation
  • Ensure compliance with local regulations
  • Notify victims of data breaches
  • Negotiate ransoms
  • Undertake credit monitoring
  • Recover losses from negligent third parties

Zurich Digital Resolve have access to experts to assist in the following areas:

  • Forensic Accountants
  • Legal Advice
  • Public Relations
  • IT Forensic loss assessment
  • Kidnap and ransom response teams
  • Cyber Extortion Experts
  • Identity Protection
  • Credit Monitoring
  • Public Notification
  • Regulatory No

 

 

Zurich Digital Resolve Group Include

Mandiant

Mandiant, a FireEye company, is the leader in helping organizations respond to and proactively protect against advanced cyber security threats.

“Mandiant is at the forefront of helping organizations rethink how to prepare for security breaches.”

– Michael Chertoff, Former Secretary of Homeland Security

Stroz Friedberg

Stroz Friedberg is a specialized risk management firm built to help clients solve the complex challenges prevalent in today’s digital, connected and regulated business world.

DLA Piper

DLA Piper is a global law firm with lawyers located in more than 30 countries throughout the Americas, Europe, the Middle East, Africa and Asia Pacific, positioning them to help companies with their legal needs anywhere in the world.

Norton Rose

Norton Rose Fulbright is a global law firm.

FleishmanHillard

FleishmanHillard in Australia is part of a global marketing and communications network operated by one of the industry’s leading PR agencies.

Crawford

Crawford & Company is the world’s largest independent provider of claims management solutions to insurance companies and self-insured entities.

If an incident occurs, clients can call a hotline 24/7, 365 days a year. An Incident Manager will be appointed to handle their case and will select a team of experts to act on the client’s behalf. The team will comprise everyone from IT forensic experts and consultants, to legal experts in data protection and cyber breaches, to PR consultants who can help mitigate any reputational damage.


Cyber risk is bigger than an IT issue


One thing is becoming clear about cyber risks: the problem is much bigger than any organization’s information technology department.

Background

My background as an IT leader and information security professional before I joined XL Catlin gives me a good vantage point on how businesses can make the mistake of thinking that cyber risk begins – and ends – with their technology operations. Regardless of a company’s size and resources, IT operations play a critically important role in cybersecurity. But the total cost of cyber risk affects the entire enterprise, and a cyber incident frequently causes problems that no IT professional, however talented, can solve.

Business continuity, third-party liability, reputational damage and regulatory compliance – those are beyond the purview of IT. A well-run IT department can minimize downtime and get systems back up, which is critical. The value of data and the cost of a disruption, however, are ultimately determined by the data owners in the business operations. While a system shutdown can be catastrophic for some organizations, business interruption and data recovery insurance are available to mitigate that risk. Regulations regarding cyber security are evolving, and insurance is available to manage that uncertainty too.

But the business itself must communicate with its employees, customers, investors and perhaps regulators, after an incident. If a data breach has occurred, a forensic investigation and notification of affected parties are likely required. A strong, unified message is critical to convey, and that is best delivered with the help of senior executives and crisis communication professionals. One of the valuable benefits of cyber insurance is access to expert resources, from PR to forensics to IT specialists, who can quickly come in to assist.

The complexity of responding to a cyber incident and communicating with stakeholders are strong reasons to have a team, such as an executive control group. The composition of such a team depends on the size of the entity and the nature of its business. In larger organizations, it likely will include enterprise risk management staff as well as C-level leaders, such as the chief technology or chief information officer. For smaller and midsize organizations, the team might include the general counsel, chief operating officer and the head of IT, for example. Regardless of the specific titles, the functions that need to come together to discuss cyber risk include risk management, operations, IT, legal, marketing and communications. Ideally, a cyber risk steering committee or group is convened to ensure that all relevant areas of the organization are represented and kept informed. The job of managing cyber risk shouldn’t fall to one person, however; a cyber risk team can ensure that the entire organization understands the risk and adjusts procedures accordingly.

It’s important to think about cyber insurance as similar to property or commercial general liability – as a form of protection that your organization needs to continue operating.

Midsize companies have particular challenges when it comes to cyber risk. Often they have fewer IT resources, which makes them attractive targets for cyber attacks. Statistics on cyber attacks bear this out. The 2015 Cyber Claims Study from risk assessment firm NetDiligence found that 71% of cyber claims came from organizations with less than $2 billion in revenue, and 56% came from those firms with less than $300 million.

Many midsize companies also have contractual requirements with bigger organizations that increase their need for high cyber insurance limits. Based on their own perceived exposure, a midsize organization might not think it needs to purchase a lot of cyber insurance coverage, but that situation can change if a business relationship requires it. The lesson here is to look closely at your business and all risks relating to your systems and networks. How long could your firm afford to remain offline, if a cyber incident disrupted your IT operations? Could your company lose revenue or customers if that happened? Would you be able to meet your obligations to business partners?

There is a lot to understanding and managing cyber risk. A team approach is a good way to cover the bases, as well as working with expert resources and strong insurance partners to help protect your business.

About the Author

Sean M. Donahue is assistant vice president and underwriter, Cyber and Technology Insurance, at XL Catlin.

Source XL Catlin


Zurich – the ins and outs of cyber risks


Cyber insurer Zurich’s Global Head of Special Lines, Lori Bailey, has published an article outlining the ins and outs of cyber risks.

See where cyber risks originate, how they accumulate and how they can derail mission critical aspects at every level of your business.


The consequences of cyber risks can disrupt critical business infrastructure and derail productivity at the operational level. Here’s a complete look at where they originate, what they target and their consequences.

Cyber Risk Sources

  • Human error accounts for 52 percent of cyber breaches, according to a study by CompTIA.
  • Creating resilience to cyber risks requires a focus on educating and training employees.


Cyber Risk Targets

  • Indirect targets of cyber encroachments are as significant as direct targets.
  • Access to financial information, for example, could put at risk the financial information of a private company that is a customer.
  • This underscores the need for a holistic view of cumulative cyber risks.


Cyber Risk Consequences

  • The consequences of cyber risks are not limited to lost data.
  • Transactions can fail; supplies or products can be misdirected.
  • Manufacturing can be halted or output faulty goods; safety issues can cause injuries.
  • Dissatisfied customers can turn elsewhere.


Source: Zurich

Speak to one of Insure 247’s brokers on 1300 046 787


Google protecting the world's news from digital attack

Google Project Shield

Google, in its daily blog, has outlined what it sees as a risk for independent news services: DDoS attacks are often used to attempt to censor news, human rights, and elections monitoring sites, and to bring down many other types of sites. Sites that are not using a content delivery network (CDN) or a major hosting provider often do not have the capacity to defend against these attacks.

 

The web is an increasingly critical tool for news organizations, allowing them to communicate faster, research more easily, and disseminate their work to a global audience. Often it’s the primary distribution channel for critical, investigative work that shines a light into the darkest corners of society and the economy—the kind of reporting that exposes wrongdoing, causes upset and brings about change.

Distributed denial of service (DDoS) attack

Unfortunately there are some out there who want to prevent this kind of reporting—to silence journalism when it’s needed most. A simple, inexpensive distributed denial of service (DDoS) attack can be carried out by almost anyone with access to a computer—and take a site completely offline before its owners even know they’ve been attacked.

These attacks threaten free expression and access to information—two of Google’s core values. So a few years ago we created Project Shield, an effort that uses Google’s security infrastructure to detect and filter attacks on news and human rights websites. Now we’re expanding Project Shield beyond our trusted testers, and opening it up to all the world’s news sites to protect them from DDoS attacks and eliminate DDoS as a form of censorship.


Source Google


First ever OS X ransomware encrypts your data and asks for money


First ever OS X ransomware

Ransomware is a particularly nasty piece of malware: After your computer is infected, it encrypts your data and refuses to give you the key unless you pay its makers a sum of money. Save for any glaring mistakes in the malware’s implementation, paying up is usually the only feasible way to get your data back, especially if you don’t have a backup.

Now, according to security company Palo Alto Networks, the first functional ransomware that operates on Apple’s OS X has been discovered.


Source mashable.com


Businesses must prepare for new generation of cyber risks

Prepare for a new generation of cyber risks

Businesses must prepare for a new generation of cyber risks which are fast evolving, moving beyond the established threats of data breaches, privacy issues and reputational damage to operational damage, business interruption and even potentially catastrophic losses.

In a new report – A Guide to Cyber Risk: Managing The Impact of Increasing Interconnectivity – specialist insurer Allianz Global Corporate & Specialty (AGCS) examines the latest trends in cyber risk and emerging perils around the globe. Cyber risk is a major and fast-increasing threat to businesses with cyber-crime alone costing the global economy approximately $445 billion a year, with the world’s largest 10 economies accounting for half this total. In Australia, cyber risk is estimated to cost the economy 0.08% of GDP per year, or approximately $1.3 billion.

“As recently as 15 years ago, cyber-attacks were fairly rudimentary and typically the work of hacktivists, but with increasing interconnectivity, globalization and the commercialization of cyber-crime there has been an explosion in both frequency and severity of cyber-attacks,” says AGCS CEO Chris Fischer Hirs.

“Cyber insurance is no replacement for robust IT security but it creates a second line of defence to mitigate cyber incidents. AGCS is seeing increasing demand for these services, and we are committed to working with our clients to better understand and respond to growing cyber risk exposures.”

Tougher regulatory regimes and new cyber perils

Increasing awareness of cyber exposures as well as regulatory change will propel the future rapid growth of cyber insurance. With fewer than 10% of companies currently purchasing cyber-specific policies, AGCS forecasts that cyber insurance premiums will grow globally from $2 billion per annum today to over $20 billion over the next decade, a compound annual growth rate of over 20%.

“Growth in the US is already underway as data protection regulations help focus minds, while legislative developments and increasing levels of liability will see growth accelerate in the rest of the world,” says Nigel Pearson, who is globally responsible for cyber insurance at AGCS.

In Australia, the Federal Government has stated that it will introduce a mandatory data breach notification scheme by the end of 2015 or in early 2016, which is expected to drive interest in cyber insurance. Regional AGCS CEO Holger Schaefer stated, “We have already seen a significant increase in cyber insurance inquiries as boards of directors become more aware of their regulatory and operational exposures to cyber risk.”

Previously, attention has largely been focused on the threat of corporate data breaches and privacy concerns, but the new generation of cyber risk is more complex: future threats will come from intellectual property theft, cyber extortion and the impact of business interruption (BI) following a cyber-attack or from operational or technical failure; a risk which is often underestimated.

“Awareness of BI risks and insurance related to cyber and technology is increasing. Within the next five to 10 years BI will be seen as a key risk and a major element of the cyber insurance landscape,” says Georgi Pachov, cyber expert in AGCS’s global property underwriting team.

In the context of cyber and IT risks, BI cover can be very broad including business IT computer systems, but also extending to industrial control systems (ICS) used by energy companies or robots used in manufacturing.

Connectivity creates risk

Increasing interconnectivity of everyday devices and growing reliance on technology and real-time data at personal and corporate levels, known as the ‘Internet of Things’, creates further vulnerabilities. Some estimates suggest that a trillion devices could be connected by 2020, while it is also forecast that as many as 50 billion machines could be exchanging data daily. ICS are another area of concern as a number of these still in use today were designed before cyber security became a priority issue. An attack against an ICS could result in physical damage such as fire or explosion, as well as BI.

Catastrophic event

While there have been some very large data breaches, the prospect of a catastrophic loss is becoming more likely, but exactly what it will look like is difficult to predict. Scenarios include a successful attack on the core infrastructure of the internet, a major data breach or a network outage for a cloud service provider, while a major cyber-attack involving an energy or utility company could result in significant outage of services, physical damage or even loss of life in future.

Stand-alone cover

Allianz also predicts that the scope of cyber insurance must evolve to provide broader and deeper coverage, addressing business interruption and closing gaps between traditional coverage and cyber policies. While cyber exclusions in property and casualty policies are likely to become commonplace, standalone cyber insurance will continue to evolve as the main source of comprehensive cover. There is growing interest among the telecommunications, retail, energy, utilities and transport sectors, as well as from financial institutions.

Education – both in terms of businesses’ understanding of exposures and underwriting knowledge – must improve if insurers are to meet growing demand. In addition, as with any other emerging risk, insurers also face challenges around pricing, untested policy wordings, modelling and risk accumulation.

Responding to cyber risk

The AGCS report highlights steps companies can take to address cyber risk. Insurance can only be part of the solution, with a comprehensive risk management approach being the foundation for cyber defence.

“Once you have purchased cyber insurance it does not mean that you can ignore IT security. The technological, operational and insurance aspects of risk management go hand in hand,” explains Max Broodryk, expert for cyber at AGCS Pacific.

Cyber risk management is too complex to be the preserve of a single individual or department, so AGCS recommends a ‘think-tank’ approach to tackling risk whereby different stakeholders from across the business collaborate to share knowledge.

In this way, different perspectives can be challenged and alternative scenarios considered: for example, these might include the risks posed by corporate developments such as mergers and acquisitions or by the use of cloud-based or outsourced services. In addition, cross-company involvement is essential to identify key assets at risk and, most importantly, to develop and test robust crisis response plans.


Source Allianz
