5 Cyber Security Tips For Aussie Businesses

cyber attacks

In recognition of National Cyber Security Awareness Week Cyber Insurer Dual wanted to provide 5 quick cybersecurity tips for Aussie businesses:

Back up Data

– Back up data frequently with the back-up stored off the business’s premises and not connected to the insured’s network.

Firewall & Anti Virus Protection

– Use operating systems with embedded firewalls and anti-virus protection software (such as Windows or MAC OS X), or run separate commercially licensed firewall or anti-virus protection software.

 

Never pay ransom

– It’s not always wise to pay a ransom as you are not able to determine where the money will go (i.e funding terrorism without knowing) or if the hacker will repeat this attack.

Third Party Vendor Management

– Any requests to alter supplier and customer details including bank account details, independently verified with a known contact for authenticity.

Incident Response plan

– Have a well-planned approach to addressing and managing a cyber attack to help respond to, and recover from network security incident.

 

Source: Dual Insurance

Compare Cyber Insurance

Cyber Insurance Comparison

 

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

 

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Human Error Remains Key Cause Of Notifiable Data Breaches

Human Error Data Breach

Human error remains a key cause of notifiable data breaches, according to the latest quarterly report from the Office of the Australian Information Commissioner (OAIC).

While malicious or criminal attacks are still the largest source of notifiable data breaches (NDBs), accounting for 57%, human error is second with cyber incidents exploiting human vulnerabilities, for example, encouraging people to click on phishing emails or disclose passwords.

Gerry Power, Head of Sales at Cyber Insurer Emergence, said: “The continued propensity for human error to cause NDBs is a disturbing insight because it shows businesses are not educating staff enough on how to identify phishing emails or handle personal information appropriately.”

Source Emergence

Human Error and Data Breaches

Human error accounted for 37% of data breaches in the latest report. Emailing personal information to the wrong recipients was the most common human error data breach (12%). Second highest was failing to use the BCC function when sending group emails, which impacted on an average of 494 people each breach.

Gerry said the healthcare industry continued to be the worst-performing sector, recording 18% of data breaches and human error was responsible for more than half those. “That gives an insight into why some cyber insurers will not write the healthcare industry for data breaches,” he said.

The finance sector was the second-worst performing industry for the second consecutive quarter, with 14% of breaches.

The legal, accounting and management services sector was a close third. Gerry said Emergence’s claims data backed that up. “The accounting profession is a honeypot of data for cyber criminals,” he said.

Notifiable Data Breache Scheme

The NDB scheme was introduced on 22 February 2018 and, since then, OAIC has had 550 notifications, including 245 in the July-September quarter. That compares to only 114 notifications in the 12 months before the scheme’s launch.

As knowledge of the NDB scheme increases in the business community, the number of known data breaches will continue to rise.

Education is the key to reducing the human error element of NDBs.

Emergence conducts in-house education sessions, online seminars, and a social media program to educate brokers and their clients about the need for diligence and risk management to avoid data breaches and cyber attacks.

The increasing rate of notifications highlights the need for cyber insurance. Emergence’s cyber policy gives insureds 24/7 access to an Australian-based incident response team of experts who understand the importance of immediately mitigating potential threats to insureds’ businesses.

Emergence’s policy includes cover for reporting data breaches to OAIC, regulatory investigations, and costs of communicating data breaches to affected individuals.

“A cyber policy is part of every successful business’s risk management framework. Cyber insurance is not the first line of defence; it is designed to protect a business when its IT security, policies, and procedures fail to stop an attack,” Gerry said.

Organisations can reduce the potential for NDBs through risk management practices such as:
• Employee training, including strong password protection strategies and raising awareness about the importance of protecting personal information
• Restricting administration privileges
• Conducting daily backups
• Continuously patching operating systems and software
• Implementing multi-factor authentication.

Emergence is a pioneer of cyber cover in Australia and provides protection for SMEs through to ASX-listed entities.

Compare Cyber Insurance

Cyber Insurance Comparison

 

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

 

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Cyber Claim Scenario – Employee Error

Cyber Insurance Claim Scenario – Employee Error

(First Party & Third Party Claim)

Cyber Insurer CGU has provided this claims scenario and how there cyber insurance responds to the scenario

 

EXAMPLE

A retailer emailed a group of customers to promote a sale with special discounts available to them. The retailer intended to attach a copy of the flyer detailing the discounts but instead attached a copy of a spreadsheet that contained a customer list, including customer names, addresses and credit card information.

RESULT

The retailer was required to notify all affected customers of the error and offered credit monitoring services.

Several of the affected individuals began legal proceedings against the retailer. The notification and credit monitoring costs totalled $50,000, and the amount to settle the legal proceedings with the retailer’s customers combined with the associated legal costs and expenses totalled $100,000.

CGU SOLUTION

CGU Cyber Defence Insurance Policy provides coverage for breach of privacy which includes legal costs, indemnification of third parties and crisis management costs.

Source CGU

Speak to one of Insure 247’s brokers on 1300 046 787

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Zurich – the ins and outs of cyber risks

Zurich Cyber Risk

Cyber risks

Zurich Cyber Insurance

Cyber insurer Zurich‘s Global Head of Special Lines Lori Bailey has published an article outlining the ins and outs of cyber risks.

See where cyber risks originate, how they accumulate and how they can derail mission critical aspects at every level of your business.

kh-image-the-ins-and-outs-of-cyber-risks

The consequences of cyber risks can disrupt critical business infrastructure and derail productivity at the operational level. Here’s a complete look at where they originate, what they target and their consequences.

Cyber Risk Sources

  • Human error accounts for 52 percent of cyber breaches, according to a study by CompTIA.
  • Creating resilience to cyber risks requires focus on educating and training employees

kh-image1-the-ins-and-outs-of-cyber-risks

CyberRisk Targets

  • Indirect targets of cyber encroachments are as significant as direct targets.
  • Access to financial information, for example, could put at risk the financial information of a private company that is a customer.
  • This underscores the need for a holistic view of cumulative cyber risks.

kh-image2-the-ins-and-outs-of-cyber-risks

CyberRisk Consequences

  • The consequences of cyber risks are not limited to lost data.
  • Transactions can fail; supplies or products can be misdirected.
  • Manufacturing can be halted or output faulty goods; safety issues can cause injuries.
  • Dissatisfied customers can turn elsewhere.

kh-image3-the-ins-and-outs-of-cyber-risks

Source: Zurich

Speak to one of Insure 247’s brokers on 1300 046 787

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrant the accuracy of any information contained therein, readers should make their own inquiry’s before relying on information in the stories Terms of Service

Cyber Insurance Comparison

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation, and needs