Modern Australian
The Times

Just 25% of business are insured against cyber attacks. Here's why

  • Written by Jongkil Jay Jeong, CyberCRC Senior Research Fellow, Centre for Cyber Security Research and Innovation (CSRI), Deakin University
Just 25% of business are insured against cyber attacks. Here's why

In the past financial year, the Australian Cyber Security Centre received 76,000 cyber-crime reports – on average, one every seven minutes. The year before, it was a report every eight minutes. The year before that, every ten minutes.

The growth of cyber crime means it is now arguably the top risk facing any business with an online presence. One successful cyber attack is all it takes to ruin an organisation’s reputation and bottom line. The estimated cost to the Australian economy in 2021 was $42 billion.

Read more: Why are there so many data breaches? A growing industry of criminals is brokering in stolen data

To protect itself (and its customers), a business has three main options. It can limit the amount of sensitive data it stores. It can take greater care to protect the data it does store. And it can insure itself against the consequences of a cyber attack.

Cyber-insurance is a broad term for insurance policies that address losses as a result of a computer-based attack or malfunction of a firm’s information technology systems. This can include costs associated with business interruptions, responding to the incident and paying relevant fines and penalties.

The global cyber-insurance market is now worth an estimated US$9 billion (A$13.9 billion). It is tipped to grow to US$22 billion by 2025.

But a big part of this growth reflects escalating premium costs – in Australia they increased more than 80% in 2021 – rather than more business taking up insurance.

So coverage rates are growing slowly, with about 75% of all businesses in Australia having no cyber-insurance, according to 2021 figures from the Insurance Council of Australia.

Challenges in pricing cyber-insurance

With cyber-insurance still in its infancy, insurers face significant complexities in quantifying cyber risk pricing premiums accordingly – high enough for the insurers not to lose money, but as competitive as possible to encourage greater uptake.

A 2018 assessment of the cyber-insurance market by the US Cybersecurity and Infrastructure Security Agency identified three major challenges: lack of data, methodological limitations, and lack of information sharing.

Read more: How cybercriminals turn paper checks stolen from mailboxes into bitcoin

Lack of historical loss data means insurers are hampered in accurately predicting risks and costs.

Because of the relative newness of cyber crime, many insurers use risk-assessment methodologies derived from more established insurance markets such as for car, house and contents. These markets, however, are not analogous to cyber crime.

Companies may be hesitant to disclose information about cyber incidents, unless required to do so. Insurance carriers are reluctant to share data pertaining to damage and claims.

This makes it hard to create effective risk models that can calculate and predict the likelihood and cost of future incidents.

So what needs to be done?

Deakin University’s Centre for Cyber Security Research and Innovation has been working with insurance companies to understand what must be done to improve premium and risks models pertaining to cyber insurance.

Here is what we have found so far.

First, greater transparency is needed around cyber-related incidents and insurance to help remedy the lack of data and information sharing.

The federal government has taken two steps in the right direction on this.

One is the Consumer Data Right, which provides guidelines on how service providers must share data about customers. This came into effect in mid-2021.

The other is the government’s proposal to amend privacy legislation to increase penalties for breaches and give the Privacy Commissioner new powers.

Read more: After the Optus data breach, Australia needs mandatory disclosure laws

Second, insurers must find better ways to measure the financial value and worth of the data that organisations hold.

The primary asset covered by cyber insurance is the data itself. But there is no concrete measure of how that data is worth.

The recent Optus and Medibank Private data breaches provide clear examples. The Optus event affected millions more people than the Medibank Private hack, but the Medibank Private data includes sensitive medical data that, in principle, is worth far more than data regarding just your personal identity.

Without an accurate way to measure the financial value of data, it is difficult to determine the appropriate premium costs and coverage.

Cyber insurance is a new, specialised market with significant uncertainty. Given the ever-increasing risks to individuals, organisations and society, it is imperative that insurers develop robust and reliable risk-based models as soon as possible.

This will require a consolidated effort between cyber-security experts, accountants and actuaries, insurance professionals and policymakers.

Authors: Jongkil Jay Jeong, CyberCRC Senior Research Fellow, Centre for Cyber Security Research and Innovation (CSRI), Deakin University

Read more https://theconversation.com/just-25-of-business-are-insured-against-cyber-attacks-heres-why-193533

Chatswood Tutoring And Its Role In Academic Achievement

Academic success often requires more than classroom attendance alone. Students face increasing expectations as they progress through school, particu...

Why Laser Hair Removal Treatments Continue Growing In Popularity

Managing unwanted hair can become time-consuming and frustrating for many people, especially when shaving, waxing, and other temporary methods requi...

Choosing the Right Devices for a Flexible Workplace

For IT leaders managing large fleets, the device layer is where workforce productivity and security policy meet. The shift towards flexible and hybrid...

How Business Advisory Services Help Companies Achieve Sustainable Growth

Every business owner aims to build a profitable and sustainable organisation. While dedication, innovation, and hard work are important, achieving l...

Why Body Contouring Has Become A Popular Cosmetic Treatment

Many people maintain healthy lifestyles through regular exercise and balanced eating habits but still struggle with stubborn areas of fat that are d...

How to Choose the Right POS Hardware for Your Business in Australia

A lot of Australian business owners spend weeks researching POS software but buy hardware almost as an afterthought. That's a mistake. The wrong har...

Why Material Handling Hose Is Critical for Industrial Efficiency

A high-performance material handling hose is an essential component in industries that transport abrasive, dry, or bulk materials on a daily basis...

How to Choose the Right Lawyer in Melbourne for Your Situation

Choosing legal support can feel difficult, especially when the stakes are personal or business-related. The right lawyer in Melbourne should underst...

Hoteliers Look to Clever Value Adds to Increase Revenue

The Australian hospitality industry is still in recovery mode after a notoriously rough patch in recent years. While there has been a post-COVID tra...

Moving to Queensland? Here’s How to Prep Your Car for the Big Move North

There’s no sign of the northern migration slowing down, with thousands of southerners fleeing from chaotic lifestyles and cooler climates for a brig...

Diesel Shortage to Impact Trades and Contractors

Strait of Hormuz blockage affecting all major parts of trades and construction Trades and construction across residential, commercial and industria...

Why Holiday Home Owners Turn to Rental Management Agents

The Allure — and the Reality — of Renting Out Your Property Owning a holiday home is a dream for many Australians. Whether it's a beachside sha...

Why Finding Reliable Doctors In Bundoora Is Important For Long-Term Health

Access to quality healthcare plays an important role in maintaining overall wellbeing and managing health concerns early. Trusted Doctors in Bundoor...

Understanding the Different Types of Car Services: Minor vs Major

When it comes to car maintenance, one of the most important things every vehicle owner should understand is the difference between a minor and a maj...

How Superannuation and TPD Insurance Work Together

Superannuation is an essential part of financial planning in Australia. It is designed to provide individuals with income during retirement, helping...

Tiny Towns funding granted for Mt Hotham and Mt Buller upgrades

Alpine Resorts Victoria (ARV) has welcomed funding support from the Victorian Government’s  Tiny Towns Fund, with both Mt Hotham and Mt Buller se...

Locksmith Services: Why Professional Security Solutions Matter More Than Ever

Security is a critical concern for homeowners, businesses, and vehicle owners alike. Whether it involves protecting a property, replacing damaged lo...

Why Tooth Fillings Are Important For Protecting Damaged Teeth

Cavities and minor tooth damage are common dental problems that can worsen if left untreated. Professional tooth fillings help restore damaged teeth, ...