Security Market Segment LS
Friday, 28 October 2016 10:03

Cyber insurance is the next frontier


New figures from Norton by Symantec state that just 19% of small businesses in Australia and 9% in New Zealand are looking to purchase cyber cover in 2017.

A cyberattack is just as likely to affect the top and bottom end of town – the proportional effects can be no less devastating resulting in loss of reputation and loss of business.

For example, there was a major attack last week on domain name services provider Dynamic Network Services. It was described as "the most disruptive cyber incident" since the birth of the Internet and could have a profound impact on insurance.

Dr Michael Neary, industry general manager for insurance, CSC (Computer Sciences Corporation), said in a media release: “With almost 70% of Australian businesses experiencing a cyberattack in the last 12 months, this is now a board-level discussion. Cyber risk has materialised as one of the top challenges faced by companies worldwide. This is further reflected in the valuation of the cyber security market, with Lloyds having recently valued it at US$85 billion, indicating the enormous potential to drive growth for insurers.”

Many Australian businesses are starting to respond to the ongoing risk of cyberattacks by increasing their investment in information security. The cost of cyber-crime continues to rise: in Australia, the cost rose by 13% in 2015 over 2014. Each attack also took longer to detect and resolve, demonstrating the increasing sophistication of cyber criminals, as well as the persistence of their attacks.

“Many organisations believe they are covered for a cyberattack under the terms of their current insurance policies when, in fact, those traditional policies are somewhat ambiguous and therefore potentially inadequate when it comes to mitigating cyber risk,” Neary said.

“Insurers need to re-engage with clients and explain to them where they are currently exposed regarding their coverage. This could be achieved through a dedicated education campaign, which would help promote discussion and raise awareness of the potential threat of losses incurred as a result of insufficient cyber insurance coverage,” he added.

To date, insurers have been held back somewhat by roadblocks in offering cyber insurance, such as a lack of historical data for underwriting it, a continually-morphing risk profile, and a still-developing skillset.

According to CSC, there are three key phases insurers should work through:

  • Threat intelligence gathering: Experts should gather threat intelligence, which could include a threat map that profiles a client’s position.
  • Risk assessment: This may include activities such as penetration testing, security audits, and white-hat hacking campaigns to get a clear view of the client’s risk profile.
  • Training: It’s important to get training for the insurer, the brokers they work with, and for clients, who may be entitled to reduced premiums if they have certain requirements in place such as security certifications and accreditations.

David Jarvis, national practice lead for Cyber Security at UXC Consulting (a CSC company), said, “Cyber insurance is an emerging product that is likely to grow exponentially over the next few years. There is a clear market opportunity in Australia for insurance providers to cover cyber risk. The most effective way for insurance providers to develop workable policies fast enough to take advantage of the skyrocketing demand is to partner with providers that can provide the deep cyber security knowledge and skills needed to understand risk and assess claims."

Neary summed it up, “This partnership with organisations that provide cyber security skills will be a similar model to that used by life insurance providers, who rely on doctors and return-to-work specialists to evaluate policies and claims.”

CSC has just released a white paper: Cyber Insurance. The Next Frontier, about the cyber insurance market and risks.


WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


Ray Shaw

joomla stats

Ray Shaw  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!



Recent Comments