Any business that uses any kind of technology for its operations, for example computers, websites, emails, phone systems etc. could face potential cyber risks. In today’s digital world this means that everyone is likely to have some level of exposure including businesses in hospitality and retail that rely on technology to offer electronic payments via their EFTPOS machines to customers.
Cyber risks are also an important consideration for primary industries such as agriculture that rely on technology driven dairy machinery to operate. In the event that a cyber risk shuts down the machinery for a period of time, the loss of sales/profits to the business can be significant. Similarly health professionals and legal firms that store confidential client records have a high level of risk exposure.
Having a cyber insurance policy is paramount to help businesses from every industry recover from a cyber attack that can happen at any time and cause major disruption to a business’s ability to generate an income in the event that company data is lost, IT services shut down or confidential information is stolen through a privacy breach. The recently updated Privacy Act places a large emphasis on the protection of client data. Cyber Insurance can be a valuable asset to your risk management plan.
What does Cyber insurance cover?
A robust Cyber insurance policy should include basic cover for ransomware, privacy breaches, re-writing of lost records and the transmission of a computer virus.
Broader policies may also include cover for interruption to a business, for example a loss of profit if the business’ computer systems are shut down for an extended period of time.
It can provide options to insure against social engineering risks whereby, for example, hackers send a fake invoice with their own account number noted and funds are then paid to them mistakenly. It can also provide cover in the event a business is exposed to a ransomware attack and incurs extortion costs, something that happens more frequently in recent times and is becoming a major concern for businesses both large and small.
Forensic investigations to establish the level of risk exposure after a cyber attack can be costly and the reputational damage to a business devastating. A network security breach can pose a particularly high risk for companies that engage third party providers or suppliers and who are then faced with potential data theft or the loss of intellectual property.
For larger organisations, having a comprehensive cyber insurance policy that includes cover to engage a PR company to help with managing a negative exposure event and assist with restoring its reputation can prove invaluable.
Each insurer will have their own cyber insurance policies however most will provide the options for both first and third party cover. There are also Personal Cyber options available in the New Zealand market that can be arranged by the employer for their employees.
The level of exposure a business faces will depend on their reliance on digital technology to run their business. For example, whether they conduct most of their business online via a company website, hold sensitive client data on their servers i.e. confidential patient records or credit card information, use EFTPOS or other Point Of Sale (POS) technology to make payments or simply use technology for staff to access internal documents and communicate with customers via email.
Seek advice from a broker
It can be challenging for businesses to know what cyber protection they require or how to identify the level of risk exposure they have. With many businesses using a wide range of technologies that potentially exposes them to a cyber attack, seeking advice from a local NZbrokers Member is highly recommended. They have in-depth industry knowledge of what different insurers offer and can explain what’s included in each type of Cyber Insurance policy.
They will be able to discuss with you what cyber cover is best suited to provide the right level of protection for your business and that takes into account how your business uses technology and what cover you require to mitigate the risk of financial loss in the event you suffer a cyber attack.
As any business that has suffered a DDOS (Denial of Service) exposure event or had their computers infected with a malware virus know, the disruption to the daily running of the company can be severe. Having a broad cyber insurance policy will ensure you can recover from the exposure event with protection from substantial profit loss and the ability to restore any reputational damage your business may suffer.
To discuss your cyber exposures and how a Cyber Insurance policy can help your business, contact your local NZbrokers Member.