Talk to Bill Owen Insurance Brokers about your cyber insurance.

Cyber Insurance

Cyber Insurance is designed to protect commercial businesses of all kinds against a wide range of First Party (the insured business) and Third Party (the customer or other affected parties) liability cyber exposures that arise when their customer information is breached or stolen.

Companies with access to private, confidential information about their customers have a responsibility to keep it secure.

Is Your Company Prepared For?

  • Identity theft resulting from lost or stolen financial information, credit card numbers, tax file numbers or other confidential information?
  • An e-business interruption resulting from a security failure or internet virus?
  • Costs related to privacy notification, crisis management, and disaster recovery?
  • Hacker malfeasance resulting in theft of confidential information, or costly e-vandalism?
  • A lawsuit stemming from a security failure or alleged technology error or omission, that results in damages to customers?
  • A lawsuit alleging intellectual property, trademark, or copyright infringement?

Did you know?

More than 20% of Australian businesses experienced Cyber Crime in 2012 (CERT Australia), and 40% of all attacks were directed at SME’s (Symantec).

New Privacy legislation was introduced in March 2014 with penalties of, $340,000 for individuals and $1.7 million for companies, for breaching the legislation.

Coverage can be obtained for the following:

First Party Cyber Crime Expense

  • E-Business interruption  – including first dollar expenses
  • Crisis management and reward expenses – including the cost of employing the services of a Public Relations Consultant
  • Privacy Notification Expenses – including the costs of monitoring and restoring services to affected clients
  • E-threat – including the cost of a professional negotiator and ransom payment
  • E-vandalism expenses – including when vandalism has been caused by an employee.

Third Party Cyber Liability

  • Disclosure liability – including lawsuits alleging unauthorised access or dissemination of private information
  • Content injury – including suits arising from intellectual property infringement, trademark infringement, copyright infringement
  • Reputation injury – includes lawsuits alleging defamation and invasion of privacy
  • Conduit injury – including suits arising from system security failures that result in harm to third-party systems
  • Impaired-access injury – including suits arising from system security failure resulting in your customer’s system being unavailable to its customers.

Recent Claim Examples

Scenario 1 - Online Retailer - Website Defaced & Client Details Accessed

Profile: Online Retailer with a turnover of $5M per annum and employing 15 staff

Background: The insured’s website was defaced and included a link to a competitors website after hackers accessed personal information of their customers and overtook their website.

Policy Response: Cyber Business Interruption, Hacker Damage, Privacy Protection, Breach Costs

Outcome: $800,000 was paid for loss of income, cost to repair the website as a result of the hack, defence costs for regulatory actions by the privacy commissioner, and costs of notifying the affected individuals including providing credit monitoring services.

Scenario 2 - Charity Organisation - Denial of Service Attack

Profile: Charity Organisation with turnover of $18M and 80 staff

Background: The Insured was targeted with denial of service attack (floods a targeted system with incoming web traffic until it is virtually crippled) in the last few days of a fundraising campaign. Donations were unable to be made while the system was being fixed.

Policy Response: Cyber Business Interruption, Hacker Damage

Outcome: $1,500,000 paid for the lost donations and rectifying the damage to the insured’s website.

Scenario 3 - Legal Services Business - Client Records Locked by Ransomware

Profile: Legal Services Business with a turnover of $2M and 8 employees

Background: The insured’s server and client records were locked by Ransomware software. The Insured was only able to get the files released after paying $50,000 ransom to hackers.

Policy Response: Cyber Business Interruption, Cyber Extortion, Hacker Damage

Outcome: $150,000 paid for the loss of income, the ransom demand including consultants costs to advise the handling and negotiation of the ransom, and the costs to restore the network as the hackers refused to release the files despite ransom payment.

Scenario 4 - Transport Office - Client Credit Card Details Accessed

Profile: A Transport Office with four office locations, turnover of $10M per annum and employs 30 staff.

Background: The Insured experienced three separate data breaches over a three-year period. Over this time hackers gained access to the company’s computer system. Over 250,000 individuals’ credit card information and passport details were compromised.

Policy Response: Privacy Protection, Breach Costs

Outcome: $1,750,000 paid for the forensic and legal costs in defending the investigation brought by the regulator and the cost of notifying the affected individuals including provision of credit monitoring services.