SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Small australian business office employees computer digital shield security
#
Data Protection
#
Ransomware
#
MarTech

Cyber insurance among small businesses surges amid rising threats

Thu, 2nd Oct 2025
Author image
By Catherine Knowles, News Editor

New data from BizCover reveals that cyber insurance uptake among Australian small businesses has increased by 50% over the past year.

This growth comes in the context of recent findings from the Australian Signals Directorate's latest Cyber Threat Report, which reported more than 87,000 cybercrime cases across Australia last year, averaging one incident every six minutes. For small businesses, the average cost of a cyber incident is now approximately AUD $49,600.

Changing attitudes

Small businesses have become more aware of the risks presented by cybercrime and are increasingly recognising the value of cyber insurance as part of their overall risk management approach. Over a three-year period, cyber insurance uptake has increased by 85%, according to BizCover's data.

Akshaye Kalkura, Virtual Chief Information Officer at BizCover, highlighted a lingering misperception among business owners when considering cyber liability cover: "One of the most common reasons that business owners don't take out Cyber Liability cover is because they believe they're 'too small' to be a target. This couldn't be further from the truth."

Kalkura emphasised the repercussions that can follow a cyberattack, which extend beyond financial losses.

"The fallout from a cyberattack can have serious consequences for a small business. Without Cyber Liability cover, they are exposed to operational disruption if their systems are taken offline, financial losses from investigations, legal fees, data recovery and lost income, as well as reputational damage if customer or supplier data is compromised."

Types of threats

The nature of cyberattacks varies, ranging from ransomware and phishing scams to invoice fraud and accidental data leaks. Cyber Liability policies are aimed at protecting small businesses against these specific risks, offering support for recovery that traditional business insurance may not provide.

Kalkura explained why small businesses are increasingly being targeted by cybercriminals:

"One of the most common reasons that business owners don't take out Cyber Liability cover is because they believe they're 'too small' to be a target. This couldn't be further from the truth, as small businesses are often targeted because they don't have the same strong cybersecurity measures in place as larger organisations. Email compromise, fake invoices and simple human error all contribute to small businesses becoming the victims of cyberattacks."

With regulatory environments changing and penalties for breaches tightening, BizCover expects that demand for cyber insurance among small businesses will continue to rise.

"With greater understanding of the threat landscape comes more focus on cybersecurity measures, including insurance; and heavier penalties for data privacy breaches mean that businesses aren't willing to take chances when it comes to protecting customer data. They know what's at stake," Kalkura said.

Real-world experiences

The figures reported reflect experiences shared by several small business owners. John Beaver, founder of Desky, a national online retailer, described the financial and operational repercussions his company faced following a phishing attack in which an employee processed a fraudulent invoice for AUD $4,700.

"Good habits and clear SOPs protect a business more than depending on technology alone," Beaver says.

Micko, the owner of Primal Recovery in Melbourne, lost AUD $10,000 due to a man-in-the-middle scam when criminals intercepted invoices and changed bank account details.

"The only way to play it safe is as I mentioned before, confirm all details are correct before paying it. The sad part is, I am quite a savvy tech junkie, and it still got me," Micko said.

Daniel Vasilevski, who owns Pro Electrical in Sydney, recounted how his business narrowly avoided a similar scam. Although no money was lost, the attempt caused significant disruption for his staff.

He said, "It was a wake-up call about how vulnerable we are when it comes to even the simplest transactions, and it reminded me that the chance of a cyber incident can happen with businesses of any size."

He added, "We used to assume if it looked like an invoice, it was legitimate. Now we have a two-step verification process for every transaction."

Cover features

Cyber Liability insurance usually covers a range of potential losses associated with cybercrime, including ransomware attacks, data breaches and phishing scams, as well as the costs for forensic investigations, customer notifications and business interruption. As cyber incidents become more regular and more costly, insurance is being seen as an essential part of small businesses' risk management strategies.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Codific sets 2026 priorities for boards on cyber risk
Punkt unveils MC03 privacy-first smartphone with Proton
CSPM set to vanish as machine identities drive risk
Pearson to deploy palm-print ID across global exams
DryRun raises USD $8.7m to secure AI-driven coding

Top stories

Acronis boosts MSP security with new threat research
Many Australians overestimate ability to spot deepfakes
AI in 2026: fragile data, hybrid clouds & profit race
Hydrolix unveils Bot Insights to expose costly AI bots
AI to transform business risk, trust & compliance by 2026