Search for insurance help

You can’t ignore cybercrime any more

The road to hell is paved with good intentions, and unfortunately the pathway to fool-proofing your business against a growing army of professional cyber criminals may well be too – unless Australian managers wake up to this very real danger and act on their “cyber hygiene” to-do lists.

If you’ve been meaning to introduce cyber safety measures – like appointing a password manager – but haven’t yet, you’re far from alone.

New research shows a worrying inertia at SMEs to take action to address this serious and growing threat.

Businesses with turnover under $10 million a year in particular are largely ignoring cyber risk, Cameron Research says, adopting a head-in-the-sand attitude even as attacks escalate and rapid adoption of technology leaves them exposed.

The research company’s founder Ross Cameron says that as SMEs embraced “seven years of tech change and innovation” in just two years due to covid, cyber risk management has dramatically failed to keep up.

That’s especially the case especially at the SME end of town, which makes up the bulk of employers in Australia. (Almost 98% of businesses have 19 employees or less).

Many SMEs assume suppliers of services such as Google, banks and Xero have taken care of the issue, but this is often not the case.

Yes, cyber issues can be overwhelming. No longer confined to local robbers in balaclavas, business is now exposed to organised gangs of global cyber criminals in what has been described as a “lucrative cottage industry”.

One training sole trader admits, “I’ve done nothing” and “we should change all our passwords and spend some time on internet security but we haven’t,” while another simply says: “I don’t even know where to start.”

But insurers are exasperated that easy to hack choices like passwords or the company name are still favoured access points, and simple mitigation efforts are too often overlooked. Now they’re insisting companies seeking cyber cover jump through a series of hoops before they will offer cover.

As a business owner or manager there’s quite a lot you can do yourself to limit your cyber exposures. There’s a lot of “low-hanging fruit” – cheap and easy measures – small businesses can introduce as a starting point. For example, implementing a virtual private network (VPN) to control access to data – especially for remote workers – or securing the cloud with authorisation.

Multifactor authentication, encrypted and tested backups, privileged access management and protection of end-of-life systems are other widely urged measures that you can undertake yourself. And remember that your willingness to actively address your company’s cyber exposures makes you a more attractive risk for insurers to take on.

Bearing that reality in mind, remember that apart from presenting your case to cautious insurance underwriters we can also help you find more ways to thwart the cyber crooks.

The US Government recently warned that more frequent cyber attacks are the “new normal” for companies and individuals.  It’s the same with Australia.

Mr Cameron says “the broker can really be a forward thinker and leader – really open the business owner’s eyes to something they are probably in denial of having to address”. We’ll be happy to show you what he means. Just give us a call.

Management Liability insurance is designed to provide protection to both the business and its directors or officers for claims of wrongful acts in the management of the business.

A business insurance pack can provide cover for your business premises and contents, against loss, damage, theft or financial loss from an insured interruption to the business.

Purchase up to six products under one Business Insurance Package. 

The road to hell is paved with good intentions, and unfortunately the pathway to fool-proofing your business against a growing army of professional cyber criminals may well be too – unless Australian managers wake up to this very real danger and act on their “cyber hygiene” to-do lists.

If you’ve been meaning to introduce cyber safety measures – like appointing a password manager – but haven’t yet, you’re far from alone.

New research shows a worrying inertia at SMEs to take action to address this serious and growing threat.

Businesses with turnover under $10 million a year in particular are largely ignoring cyber risk, Cameron Research says, adopting a head-in-the-sand attitude even as attacks escalate and rapid adoption of technology leaves them exposed.

The research company’s founder Ross Cameron says that as SMEs embraced “seven years of tech change and innovation” in just two years due to covid, cyber risk management has dramatically failed to keep up.

That’s especially the case especially at the SME end of town, which makes up the bulk of employers in Australia. (Almost 98% of businesses have 19 employees or less).

Many SMEs assume suppliers of services such as Google, banks and Xero have taken care of the issue, but this is often not the case.

Yes, cyber issues can be overwhelming. No longer confined to local robbers in balaclavas, business is now exposed to organised gangs of global cyber criminals in what has been described as a “lucrative cottage industry”.

One training sole trader admits, “I’ve done nothing” and “we should change all our passwords and spend some time on internet security but we haven’t,” while another simply says: “I don’t even know where to start.”

But insurers are exasperated that easy to hack choices like passwords or the company name are still favoured access points, and simple mitigation efforts are too often overlooked. Now they’re insisting companies seeking cyber cover jump through a series of hoops before they will offer cover.

As a business owner or manager there’s quite a lot you can do yourself to limit your cyber exposures. There’s a lot of “low-hanging fruit” – cheap and easy measures – small businesses can introduce as a starting point. For example, implementing a virtual private network (VPN) to control access to data – especially for remote workers – or securing the cloud with authorisation.

Multifactor authentication, encrypted and tested backups, privileged access management and protection of end-of-life systems are other widely urged measures that you can undertake yourself. And remember that your willingness to actively address your company’s cyber exposures makes you a more attractive risk for insurers to take on.

Bearing that reality in mind, remember that apart from presenting your case to cautious insurance underwriters we can also help you find more ways to thwart the cyber crooks.

The US Government recently warned that more frequent cyber attacks are the “new normal” for companies and individuals.  It’s the same with Australia.

Mr Cameron says “the broker can really be a forward thinker and leader – really open the business owner’s eyes to something they are probably in denial of having to address”. We’ll be happy to show you what he means. Just give us a call.
General Advice Warning: This advice is general and does not take into account your objectives, financial situation or needs. You should consider whether the advice is appropriate for you and your personal circumstances. Before you make any decision about whether to acquire a certain product, you should obtain and read the relevant product disclosure statement.

All information above has been provided by the author.


Adroit Insurance & Risk, ABN 75 078972 700, AFSL 244 348

This article originally appeared on Adroit Insurance & Risk Blog and has been published here with permission.

Comments (0)

Related insurance brokers

Review rating
168 reviews

Featured Featured

Daniel Ufer

Priority Insurance Brokers

  • Typically replies within
    a few minutes
  • Review rating
    27 reviews

    Featured Featured

    Abbie Wilson

    National Insurance Brokers

  • Typically replies within
    a few hours