For SME’s with an annual turn-over of $3m or more failure to notify affected parties of data breaches which occur after 22nd February this year can incur fines up to $360,000 for individuals and for organisations up to $1.8 million. The financial impact of such fines could ruin any person or SME Business.
The severity of the fines also illustrates that the Australian Government is taking the reporting of cyber events to a whole new level and given the looming February commencement date we raise the question-how prepared is your business?
Recent reports show that many SME’s are not yet prepared for the impact of the new legislation.
We suggest as part of that preparation consider Cyber Insurance. Such insurance cover can not only compensate you for costs incurred should a breach take place, but it can also provide a 24/7 lifeline to cyber specialists when a breach occurs.
THE AGE OF DATA BREACHES IS UPON US
Data breaches are an increasing and alarming reality in the world today.
During 2017 cyber criminals penetrated Equifax (one of the largest credit card bureaus) and stole the data of 145 million people.
The WannaCry breach impacted more than 150 countries, and even leveraged some of the leaked NSA tools in the USA. More than 300,000 machines were hit across numerous industries, including health care and car companies.
Closer to home 1 in 10 Australians almost certainly had their personal information stolen by criminals in an “astonishing” hack on Uber accounts that the ride-sharing giant covered up for more than a year. The multibillion-dollar company revealed the information of 57 million customers and drivers had been compromised in the data theft.
INTRODUCING CYBER INSURANCE FOR YOUR BUSINESS
Cyber Insurance is a product developed to cover you for some of the costs your business may incur in the event your database is hacked.
Example cover available under a Cyber Insurance policy may include:
- 24/7 Incident Response– Access to experts in their field who understand the importance of immediately mitigating potential cyber threats to your business. Teams can include IT investigators, forensic accountants, lawyers, public relations and crisis management consultants. Having access to these experts may help SME’s when reporting a breach event which is now a requirement under the Notifiable Data Breach guidelines.
- Business interruption loss due to a network security failure or attack, human error, or programming errors
- Data loss and restoration including decontamination and recovery
- Delay, disruption, and acceleration costs from a business interruption event
- Legal costs including exercising contractual indemnity
- Crisis communications and reputational mitigation expenses
- Liability arising from failure to maintain confidentiality of data
- Liability arising from unauthorised use of your network
- Network or data extortion/ blackmail (where insurable)
- Online media liability
- Regulatory investigations expenses
If you need to talk to us about your Cyber Insurance needs please call our friendly Team at IME Insurance Brokers 1800 641 260 or visit http://imeinsurance.com.au/