IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image
Cyber insurance in Australia set to rise in the wake of increasing attacks
Thu, 27th Oct 2016
FYI, this story is more than a year old

The number of Australian small businesses with cyber insurance is set to increase, with new research showing one in five Australian SMBs experiencing a cyberattack.

New figures from Norton by Symantec revealed 19% of Australian small businesses are looking to purchase cyber insurance in 2017. Currently, only 14% hold a cyber insurance policy.

“Cyber insurance is an emerging trend as it presents an avenue for small businesses to become more resilient to a wide range of cyber risks and the costs associated with data breaches and business interruption. It can be a business' safety net when all else fails,” says Mark Gorrie, director, Norton Business Unit, Pacific region, Symantec.

The Norton survey provides some key cyber insurance findings about Australian small businesses.

Almost one in five small businesses are looking to purchase cyber insurance in the next 12 months.

According to the survey, businesses with a server are much more likely to be considering cyber insurance (28% compared to only 6% of those without a server), as are businesses with more than five employees (33% compared to 8% of businesses with one – three employees).

The survey found cyberattacks and loss or theft of data are key reasons for purchasing cyber insurance.

Businesses with cyber insurance were asked to identify what risks they were insuring against. The Norton survey identifies cyberattacks and loss or theft of data as the key reasons identified by 28% and 18% of respondents respectively.

Cyber insurance increased with the size of the business and the presence of a server, the survey shows.

While only one in seven (14%) micro to small businesses (one – 20 employees) currently hold a cyber insurance policy, the survey revealed that results varied significantly with the size of the business. For example, smaller companies are less likely to have cyber insurance with only 5% of micro businesses (one – five employees) holding a cyber insurance policy.

Contrastingly, as business size increased, 30% of small business (six – 20 employees) and 23% of businesses with a server currently hold a cyber insurance policy. Additionally, once the business turnover reached $1 million+ or IT spend reached upwards of $6,000, the likelihood of the business owning a cyber insurance policy increased to 30% or more.

The survey showed the average price for cyber insurance was estimated at just under AUD$2,900.

Australian small businesses who are considering cyber insurance were also asked to estimate how much they would pay for cyber insurance. On average, businesses expected to pay $2,898, but estimates varied considerably.

For example, businesses with a server expected to pay more on average ($3,177 compared to only $579 for businesses without a server). Revenue was also a key differentiator with businesses earning over $1 million expecting to pay $3,983 on average compared to only $583 for businesses earning less than $250,000.

Almost one in five business who have or had cyber insurance made a claim, the survey revealed.

“It's not just big businesses that are being attacked by cybercriminals,” says Gorrie.

“Australian businesses of all sizes are vulnerable to attacks. However, small businesses are traditionally more vulnerable because they often don't have the same security resources and budgets as their big business counterparts,” he says.

“The impact of a cyber attack to a small business' brand, reputation, and business operations can be catastrophic,” Gorrie adds.

“While many small businesses recognise the importance of proactive planning to prevent cyberattacks, the Norton survey reveals many are still unfamiliar with cyber insurance and its benefits and may not realise their normal business insurance does not cover loss as a result of cyberattacks," he explains.