Skip to main content

Preparing your Cyber Defence!

Jul 31, 2018

1 in 5 Australian small to medium-sized businesses have been hit with a cyber-attack & many have paid the price in the form of cash or intellectual property. It’s now time to assume your business may be subject to a cyber incident. We all use email, the internet, technology now managed by Artificial Intelligence, mobile phones etc. It’s therefore important to be prepared. So what can you do to protect your business and your data?

Here’s 5 tips to ensure your cyber security is in order.

1. Undertake a risk assessment to highlight any weak or vulnerable areas.

Do you have email and web filtering and scanning software? Are firewalls and data encryption used to protect against unauthorised system and data access? Is your data securely backed up? Backing up your files is as important as ever.

Ransomware works by encrypting your data and demanding payment for its release, eventually threatening deletion if the ransom is not paid by a certain time. Doing regular backups should allow you to restore data if it is deleted by cyber criminals.

Organisations should be aware that if they choose to pay the ransom, they are funding future crime.

2. Prepare a robust cyber incident response plan.

Small businesses need to have a cyber incident response plan in place to respond to and report on cyber-attacks as quickly as possible. Without such a plan, adhering to the new Mandatory Data Breach Notification legislative requirements will be very challenging and businesses could find themselves wrong-footed by an unsuspecting attack. This plan needs to be regularly reviewed to ensure it remains relevant and useful. It is also recommended that regular cyber-attack tabletop exercises are conducted using the plan, to ensure that all stakeholders know their responsibilities during a cyber incident and that all required resources are identified ahead of time.

While some small businesses around the country will have the resources or be able to call upon them to help improve their security posture and cyber resilience, there will be many more who will need specialist support. It is these businesses that could be left vulnerable without a concerted effort to boost their cyber capability.

3. Evaluate cyber insurance options.

It’s important to understand the value of having an appropriate cyber insurance policy to assist in covering potential exposures. Possible insurance events arising from a major breach include business interruption, forensic costs, additional labour costs (overtime to remedy issues), regulatory fines and crisis management costs.

An AustBrokers Comsure Adviser can pinpoint your vulnerabilities and help assess the best type of cover to meet your cyber risk posture. We can then determine if your current insurance policies are providing adequate cover for this exposure, and if not, investigate tailored cyber insurance policies that will meet your specific cyber risk exposure. It’s important to remember that every business is different and poses different risks, therefore an “off the shelf” policy is likely not suitable to cover you in the event of a cyber-attack.

4. It’s not just an IT issue – everyone in the business is responsible, including the board. 

Are your staff able to recognise phishing emails and phone scams? Do they know how to identify a breach? Do they know what to do if a breach has occurred? Cyber security is a business risk – a human issue and a leadership issue that every staff member needs to be trained in.

5. Be aware of the changing landscape.

The recent release of the Australian Cyber Security Growth Network’s Cyber Security Sector Competitiveness Plan highlights that protecting Australian businesses, and their customers, clients and suppliers from cyber-attacks is of utmost importance to the Federal Government. The prevalence of cyber-attacks impacting local businesses is only going to increase as our economy moves more and more into an online and interconnected world and transactions across boarders become even more commonplace. In addition, the introduction of the Privacy Amendment (Notifiable Data Breaches) Act 2017, which came into effect on the 22nd of February 2018, means businesses of any size or focus must be able to call upon cyber advisers with a high calibre of expertise to help them both prepare for a cyber incident and recover.

Now the legislation has come into effect, it is mandatory to disclose any case where there is reasonable grounds to believe an eligible data breach has occurred. Businesses must advise the Privacy Commissioner and contact all individuals whose data may have been compromised – supplying call centre details and providing public notifications. Individuals have a right to query what information was leaked.

 

Should you wish to discuss this issue further and speak to your Insurance Adviser regarding Cyber Insurance, please call AustBrokers Comsure on 1800 122 194.

This information has been supplied by NIBA, the National Insurance Brokers Association. NIBA is the peak body of the Insurance Broking profession and represents an estimated 90% of all insurance Advisers/Brokers in Australia.


More Blog

Mar 31, 2022

AB Comsure welcomes a new Graduate Program!

Mar 31, 2022

The Importance of understanding “Underinsurance”

Mar 31, 2022

How to protect you and/or your business from 98%* of Cyber Attacks

Mar 31, 2022

SE-QLD & NSW Extreme Weather Event Update

Feb 28, 2022

Supporting our Customers affected by the East Coast Severe Weather Event

Dec 22, 2021

Merry Christmas from Austbrokers Comsure!

Dec 22, 2021

Log4j – Your Systems could be at risk!

Dec 15, 2021

7 Common Christmas Scams to avoid.

Dec 15, 2021

Are you ready for Storm Season?