MANAGING RISK
Business Insurance and coverage for cyber incidents
Cyber risk is one of the most dynamic challenges currently facing the insurance and reinsurance industries.
And many businesses that rely on a Business Insurance policy – such as those offered by GIO – face the risk of silent cyber.
Know more about Business Insurance
What is silent cyber?
“Silent cyber” is a term used by some in the insurance industry. It refers to potential cyber-related losses stemming from incidents that traditional insurance policies don’t cover.
Many traditional insurance policies weren’t designed with cyber exposures in mind, so they don’t make any mention of including or excluding such risks – either implicitly or explicitly. This creates an ambiguity in coverage, leading both insurers and policy holders unsure about what can be claimed for and when an insurance payout is justified.
How is the insurance industry responding to cyber risk?
Insurers are taking steps – some required by regulators – to address this ambiguity and clarify their coverage. Some insurers have done this by defining cyber risk and then excluding it from non-cyber policies. Some are introducing new policy language and underwriting guidelines.
At GIO we’ve decided to exclude cyber risks in all our small business package policy wording. This is consistent with many other insurers, who have excluded such risks from their traditional policies to eliminate any ambiguity.
Are there cyber insurance policies?
Cyber insurance is a type of liability insurance that protects your business against cybercrime, the loss of data and some of the liabilities associated with those events.
A specialised cyber liability policy is the best way to protect your small business against the many risks associated with cyber-attacks.
Cyber liability is designed to cover losses suffered by third parties when your cyber security is breached, but instead of covering physical damage or injury it covers losses relating to cyber incidents.
As with all insurance policies, there are exclusions that are important to understand.
Cyber Insurance policies generally, do not cover:
- potential future lost profits;
- loss of value due to theft of your intellectual property; and
- the cost to improve internal technology systems, including any software or security upgrades after a cyber event.
How to build cyber resilience for your business
Cyber resilience is the ability to adapt to disruptions caused by cyber security incidents while maintaining continuous business operations. It’s essential for all small businesses operating in the digital economy.
There are some practices that can offer businesses the chance to develop highly adaptive and responsive cyber resilience processes.
For example, the Australian Securities and Investments Commission has published a Cyber Resilience Good Practices resource.
You can also register to receive alerts from the Australian Cyber Security Centre (ACSC).
The ACSC has a range of resources for small and medium businesses and large organisations, including useful tips, guides and assessment tools:
Are you exposing yourself to online security risks?
Many of us spend more time online than ever. This puts us at a higher risk of privacy breaches and online scams.
Here are 5 simple tips to help you protect your online privacy and security.
Use strong, unique passwords that are at least sixteen characters long. Include numbers and special characters.
Avoid using the same password across multiple accounts.
Use keychain software to help you with all your different logins.
If possible, use Face ID or Fingerprint ID to log in safely and securely.
If you haven’t already, invest in licensed virus protection software for your devices.
You can install it on your smartphone as well as computers and tablets.
It’s one of the easiest steps you can take to be better protected online.
Think twice before you share personal information like your address, holiday check-in info, or even your relationship status on social media.
If your account is set to public, your personal information may not only be visible to friends and family, but also to millions of strangers.
Make sure to review and update your privacy settings.
When browsing or shopping online, only enter personal information, like credit card details, into secure websites.
You can tell a website is secure when a lock icon is visible in your browser next to the URL.
If an organisation asks you to share personal information via email or text, this may be a scam. Always verify who you’re communicating with and think before you share personal information like bank details, copies of personal ID, or credit card details, through email or text.
Share these tips with your family and loved ones to help them stay safe and secure online. And remember, it’s the small steps you take every day that will continue to protect your online safety and privacy.
One thing you can do is download the GIO App to manage your insurance policies securely from your smartphone. Use the app to make and track claims, update personal details, renew policies, and more.
And for other helpful tips, visit the GIO Know More site.
GIO’s approach to claims
Each claim is different. Whether or not a particular policy affords cover will be determined by the circumstances of the claim, and the specific terms and conditions set out in your business policy wording – that is, the Product Disclosure Statement (PDS).
The following are examples of cyber-related claim scenarios. They’re provided as a guide only to the types of incidents that our policies may, or may not, typically respond to.
Buildings, contents, and other property wordings
We don’t intend to provide cover for damage to any data that caused by a cyber incident, or where damage spreads digitally from one item to the next.
However, we may cover subsequent damage to other covered tangible property that arises as a result of the initial incident.
Public Liability
These scenarios would not be covered:
- Following a data breach, your business’ customer data was lost, and your customers suffered mental anguish as a result.
- Your customer is seeking compensation for a laptop, while in for repairs, was infected with a virus when connected to your business network.
To discuss what is and isn’t covered by a GIO Business Insurance policy, feel free to get in touch.
Read more:
- The different types of business insurance
- What does Tradies Insurance cover?
- Why do I need Public Liability Insurance?
Insurance issued by AAI Limited ABN 48 005 297 807 trading as GIO. Consider the Product Disclosure Statement before making a decision about this insurance. This advice has been prepared without taking into account your particular objectives, financial situations or needs, so you should consider whether it is appropriate for you before acting on it.
