Earlier this month, we asked companies whether they were prepared for the potential business interruption that cyber criminals could inflict on their operations.
Since then, more data has come to light showing how at risk many organisations’ IT systems are in today’s technology-driven workplaces. In fact, ABI Research predicted malicious online activity will result in the cyber insurance market growing to a value of US$10 billion (AU$13.7 billion) by 2020.
The organisation said 900 million records were exposed in 2014, with cyber criminals keen to steal business information and personal data. However, despite growing awareness of the issue, fewer than 20 per cent of large companies have invested in comprehensive business insurance to cover them for such incidents.
The results for small and medium-sized enterprises are even more worrying, with less than 6 per cent of directors purchasing appropriate coverage. Nevertheless, organisations are likely to investigate the benefits of insurance, as cyber attacks continue to increase in both volume and intensity.
Research Director Michela Menting said one challenge for insurers will be assessing the cyber security risk levels of businesses.
“More information sharing, and understanding of event impact and the associated longer-term costs (through post-incident analytics, for example) can help remove some of these obstacles,” she said. “In turn, this will drive better policy rates and see the cyber insurance market progressively emerge from its niche, despite being around for over 30 years.”
Cyber security in Australia
The ABI Research data followed the first Australian Cyber Security Centre (ACSC) Threat Report the country’s government has ever made public. According to the document, cyber attacks in Australia are “undeniable, unrelenting and continue to grow”.
ACSC said the Australian Signals Directorate, which responds to cyber threats against government networks and IT systems with national importance, investigated 1,131 incidents last year. This was 20 per cent higher than in 2013 and a staggering 261 per cent increase on 2011.
“Due to the varied nature of motivations for cyber adversaries targeting Australian organisations, organisations could be a target for malicious activities even if they do not think the information held on their networks is valuable, or that their business would be of interest to cyber adversaries,” the report’s authors said.
While the ACSC said its ability to detect and counter cyber criminals is improving, the sophistication of attacks is also on the rise. As technology evolves, we can only expect these threats to become increasingly real for business across the country.
Contact MGA to discuss business insurance options to cover you for unexpected downtime on your networks.