Story image

Cyber insurance in Australia set to rise in the wake of increasing attacks

27 Oct 2016

The number of Australian small businesses with cyber insurance is set to increase, with new research showing one in five Australian SMBs experiencing a cyberattack.

New figures from Norton by Symantec revealed 19% of Australian small businesses are looking to purchase cyber insurance in 2017. Currently, only 14% hold a cyber insurance policy.

“Cyber insurance is an emerging trend as it presents an avenue for small businesses to become more resilient to a wide range of cyber risks and the costs associated with data breaches and business interruption. It can be a business’ safety net when all else fails,” says Mark Gorrie, director, Norton Business Unit, Pacific region, Symantec.

The Norton survey provides some key cyber insurance findings about Australian small businesses.

Almost one in five small businesses are looking to purchase cyber insurance in the next 12 months.

According to the survey, businesses with a server are much more likely to be considering cyber insurance (28% compared to only 6% of those without a server), as are businesses with more than five employees (33% compared to 8% of businesses with one – three employees).

The survey found cyberattacks and loss or theft of data are key reasons for purchasing cyber insurance.

Businesses with cyber insurance were asked to identify what risks they were insuring against. The Norton survey identifies cyberattacks and loss or theft of data as the key reasons identified by 28% and 18% of respondents respectively.

Cyber insurance increased with the size of the business and the presence of a server, the survey shows.

While only one in seven (14%) micro to small businesses (one – 20 employees) currently hold a cyber insurance policy, the survey revealed that results varied significantly with the size of the business. For example, smaller companies are less likely to have cyber insurance with only 5% of micro businesses (one – five employees) holding a cyber insurance policy.

Contrastingly, as business size increased, 30% of small business (six – 20 employees) and 23% of businesses with a server currently hold a cyber insurance policy. Additionally, once the business turnover reached $1 million+ or IT spend reached upwards of $6,000, the likelihood of the business owning a cyber insurance policy increased to 30% or more.

The survey showed the average price for cyber insurance was estimated at just under AUD$2,900.

Australian small businesses who are considering cyber insurance were also asked to estimate how much they would pay for cyber insurance. On average, businesses expected to pay $2,898, but estimates varied considerably.

For example, businesses with a server expected to pay more on average ($3,177 compared to only $579 for businesses without a server). Revenue was also a key differentiator with businesses earning over $1 million expecting to pay $3,983 on average compared to only $583 for businesses earning less than $250,000.

Almost one in five business who have or had cyber insurance made a claim, the survey revealed.

“It’s not just big businesses that are being attacked by cybercriminals,” says Gorrie.

“Australian businesses of all sizes are vulnerable to attacks. However, small businesses are traditionally more vulnerable because they often don’t have the same security resources and budgets as their big business counterparts,” he says.

“The impact of a cyber attack to a small business’ brand, reputation, and business operations can be catastrophic,” Gorrie adds.

“While many small businesses recognise the importance of proactive planning to prevent cyberattacks, the Norton survey reveals many are still unfamiliar with cyber insurance and its benefits and may not realise their normal business insurance does not cover loss as a result of cyberattacks," he explains.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.