Without protection, you may be putting your personal assets at risk.
- If you are offering advice within your profession and a loss is suffered by the third party, you may be held liable
- Often the value in a Professional Indemnity policy is the defence costs
- Insurance companies are able to quickly appoint specialist legal representation with knowledge of your field of expertise.
- Without insurance protection you may be putting your personal assets at risk
- Speak to your broker about the benefits of Professional Indemnity Insurance
Professional indemnity insurance originated from a professional persons duty of care at common law. You may ask, why would I need Professional Indemnity? Justice Kirby pointed out that it is important to ask yourself “Is the advice based on a skilful answer?” In the context of the business as a whole, what is being provided? Where you are offering advice and services within a particular profession and the third party suffers a loss arising out of that advice, you can be held liable for that loss. These causes of action against you would not be covered by a more general liability insurance policy.
Often the value in a professional indemnity policy is the legal defence costs. If the third party alleges your advice was negligence and/ or it caused them a loss, the insurance policy will pay for your legal costs to defend that action, regardless of whether the action is eventually baseless. In addition, the policy will pay for damages awarded against you, which is in effect an amount awarded to the third party to rectify or compensate for the error caused by your business.
Without such insurance protection professional persons put at risk their personal assets, the house and any other assets that you might own. It is often a misconception that the professional can set up a legal entity as a form of protection against this risk. By simply closing down that entity or ensuring it has no assets, this does not prevent the third party from suing you personally for errors caused.
On this basis Professional Indemnity Insurance is essential for asset protection. On numerous occasions a Professional Indemnity policy has saved the professional person from personal bankruptcy and the closure of their business. Whilst you may only charge a fee for services of say $50,000, your advice may result in an error that causes a financial loss of say $2,000,000. A client seeking compensation of this size would have substantial impact on your business’s future, without any reserves or a suitable Professional Indemnity in place. Specialist legal representation is a relief to policy holders in the event of a claim against them as Insurance Companies have a panel of solicitors well versed in Insurance Law and the policy holder’s occupation waiting to defend the Insured party. Finding suitable legal advice independently and within your field of expertise can be both difficult and costly at short notice.
It is professionally prudent to carry Professional Indemnity insurance. To operate without coverage is arguably exposing your clients to unnecessary risk and may deter a client from employing your services. It is not only protection for yourself; it is also protection and a form of risk management for your clients. If you make a professional error, there is an insurance policy to put your client back into a pre loss position, in effect restitution.
It is common for Professional Indemnity policies to cover the principals and the employees of the company. This usually means the policies specifically exclude any cover for sub consultants in their own right. If you are the employer using sub consultants ensure they have their own cover. If you are acting as the sub consultant, check and find out if you are in fact excluded by the employers Professional Indemnity policy. If so you are legally exposed. Your concern is not whether the employer engaging you will sue, the exposure is that their Insurer is certain to sue you if they feel that in any way you contributed to the alleged loss through a subrogation action.
A caution to you, signing contracts can have the potential to impact upon your insurance cover! A common issue we find faced by Contractors is that they are often expect to sign a contract before they are engaged and the contract can be a minefield of onerous terms and conditions placed on them. An important issue to consider is that most Professional Indemnity Insurance policies have an Assumed Liability exclusion. What this means is that if you enter into a contract and hold a third party harmless (i.e. carry their loss or agree to not be able to pursue them for contributory negligence) then you may have just prejudiced your Insurer as they will not be able to take action against this party. This clause allows the Insurer to reduce the cover under your policy by the amount they have been prejudiced by you signing up to these contractual warranties, guarantees or indemnities.
Austbrokers Countrywide can assist clients who have Insurance polices through our office by reviewing their contracts to determine if there are any Insurance and indemnity clauses which may impinge upon or threaten the level of cover under their Professional insurance. Seek professional advice when reviewing contractual exposures. Always aim for contracts to be proportionate in nature, that is, each party will be liable for their own losses and their own negligence.
Professional Indemnity is essential for a business providing advice and professional services. The points outlined above make it clear that it a necessary annual purchase to protect both yourself and clients.
Cybersecurity is applicable for most businesses. Austbrokers Countrywide share 3 cyber scenarios that have created risk and exposure. If you want to learn more, get in touch with Austbrokers Countrywide.
“I don’t have cyber exposures”
“My business is too small”
“I haven’t got a website”.
These are common responses when contemplating the effect of Cyber Privacy and Crime on a small to medium enterprise. However, these three claims scenarios provided by the largest team of dedicated cyber underwriters, CFC underwriting Pty Ltd (Lloyds of London) may surprise you and demonstrate the types of exposures we all face even as a small business not operating on-line point of sale portals or advice on-line.
Three factual claims scenarios
1. Malware Theft
Hackers sent a phishing e-mail with a bogus word document attachment to a member of the accounts team within a small firm of accountants. Upon opening the attachment, a piece of key logging software was automatically installed which allowed the hackers to gather crucial access data and then log into the firm’s bank portal with the credentials of one of their users.
The insured was contacted by the bank after the hackers had initiated several wire transfers and ACH batches from the insured’s account to accounts located in Nigeria. After checking with the user whose credentials had been used to instruct the transactions, the firm instructed an IT forensics company to establish what had happened and to remove the malware from the system.
After managing to recall some of the wire transfers, the firm were left with $164,000 lost in theft of electronic funds and costs of $15,000 for IT forensics work.
The head GP at a private doctor’s surgery switched on his computer on a Monday morning to be greeted with a message stating that every single patient record on the network had been encrypted and that a sum of $30,000 was to be paid in bitcoin in exchange for the decryption key.
The insured contacted an IT forensics firm who confirmed that the level of encryption meant that it was going to be almost impossible to access the data without the encryption key and that the only other alternative was wiping the network of the ransomware which could lead to all data files being deleted. It had been a week since the last software back up, meaning critical patient data would be lost – and so the ransom was paid. Forensics were then engaged to remove any remaining malware from the network at a cost of $10,000.
3. CEO Fraud
A fraudulent yet almost identical looking e-mail address for the Managing Director of a medium sized building contractor was created by fraudsters who used it to instruct an individual in the accounts department to make a wire transfer payment of $50,000 to a new materials supplier. The e-mail stated that the new supplier was being used to source additional materials for a crucial job and that payment had to be made urgently to secure delivery of the goods.
The e-mail was sent whilst the MD was on holiday so that no face to face verification could be made. The account to which the funds were transferred actually belonged to the fraudsters who were able to retrieve the money before the transaction could be recalled.
Cyber liability insurance policies (also known as “data breach” insurance) and their coverage vary dramatically by insurance carriers. For a business, choosing the right cyber liability insurance policy can be a challenge. Working with a knowledgeable insurance broker who has experience with cyber liability insurance policies can reduce the challenges.
Before you start shopping, though, there are a few things you need to do to get ready:
1) Assess your cyber hygiene
Before applying for cyber liability insurance, your company should have policies and procedures in place that show they are protecting and securing their data as well as enforcing their security and privacy policies. While cyber liability insurance can help businesses mitigate risks, it cannot replace good cyber hygiene.
2) Evaluate your needs and priorities
Has your business assessed its risks for a data breach? Depending on your industry, your risk for a data breach may be considered anywhere from minimal to very high.
Has your business conducted a risk assessment? Evaluate, identify and mitigate any gaps in your privacy and security programs prior to applying for a cyber liability insurance policy. The risk assessment can help you assess your needs for cyber liability policy coverage matched to your business vulnerabilities.
3) Predict your data breach
Once you have assessed your risks, you will want to think of as many possible data breach scenarios as you can that could happen to your business. The purpose of this exercise is to arm you with potential data breach scenarios and prepare you to go on a search, with a knowledgeable insurance broker, for a cyber liability policy that fits your needs. While this may seem like a time-consuming process, it could help ensure that you’re covered in the event one of these scenarios happens. The whole purpose of purchasing cyber liability insurance, after all, is to ensure that you are protected from potential risk.
After these three steps, you are ready to compare different cyber liability insurance policies.
*Disclaimer: Conditions apply for each policy and the information expected from you for a policy to trigger. Coverage may differ based on specific clauses in individual policies. Please ask your broker to explain the additional benefits and exclusions pertaining to your policy. The information provided is general advice only and does not take account of your personal circumstances or needs.
Cyber Security and Your Business
The Australian Cyber Security Centre reports that hackers are not about to give up their attempts to breach cyber security protocols to target businesses within Australia. The money and power available through cyber attacks are just too alluring for those who are willing to risk breaking the law for the love of money.
Cyber attacks are why business owners need to make it a priority to learn more about cyber security. While the Government does its best to partner with industry to stop threats in their tracks, businesses need to be vigilant while online.
Preventative Measures Needed to Shore up Cyber Security
Without preventative measures, a business’s computer system may be vulnerable to those who would like to commit a cyber attack, such as hacking or holding its files for ransom. That’s why businesses must back up files frequently to off-site storage, a separate hard drive, or to the cloud. Make sure that your systems, devices, and account passwords are strong and frequently updated. Even better, confirm that the security system is updated often.
Without adequate cyber security, not only is equipment at risk but also your business finances. Cyber thieves can steal a person’s identity and make off with his or her money. The havoc they wreak with a business’s data and equipment can cause a drop in productivity as well as a lessening of customer trust. In the end, a cyber security failure can lead to a loss of customers.
A Safety Net Needed in Case of Cyber Security Failure
Even the most carefully crafted plans are sometimes not enough when it comes to cyber security. With hackers becoming more proficient by the day, there may come a time when they break into your system. That is why your business should consider cyber security insurance.
Cyber Security Insurance
As a standalone policy, cyber security insurance can help businesses recover from the data loss that results from security breaches. Some cyber security insurance policies even cover other online disasters such as massive outages which cause a major interruption in service.
Cyber Security Insurance for Small Business
Most small businesses think these types of problems will never happen to them. After all, they are only a small business and presume that hackers have more important things to do than to harass a small business.
As countless small business already know, that would be a false assumption. It is not only large businesses that fall victim to hackers’ ploys. Other, more minor players do target small businesses. In fact, research shows that more than 70 percent of cyberattack victims are small businesses. Are you prepared to handle these sorts of attacks?
What Type of Cyber Security Insurance Policy Does a Business Need?
Usually, a business needs some sort of first-party coverage. It will protect a company against losses from events such as:
- Lost opportunities to do business
- Damaged data, software, or other digital assets
- Increased operational costs due to the incident
- Ransom demands for compromised data
- Financial loss from cybertheft
If a company manages a network or system that holds others’ data, the company may want to consider third-party coverage as well. This kind of coverage can protect the company from costs incurred from:
- Employee-caused security breaches
- Lost or stolen customer data
- Notifying all your customers about a security breach
Other types of insurance coverage, depending on the policy, may provide additional compensation. This includes violations of intellectual property rights, damaged reputations, and defamation.
Not all business insurance policies cover every aspect of cyber security. It is up to the company’s manager, then, to read over the policy carefully. Asking an expert insurance broker with experience in cyber security can help you understand the complexities of different policies.
Naturally, this significant responsibility requires that companies find an insurance broker they can trust. For that, Advisr can help. At Advisr, you can find the most qualified insurance brokers for your specific needs. From there, you can connect directly with the insurance broker of your choice.
How to Prepare for a Cyber Attack
Prepare for Cyber Attacks by Forewarning Employees
The adage, ‘forewarned is forearmed’, couldn’t be more appropriate when it comes to a cyber attack.
Experts advise businesses to warn employees and management about the insidious ways hackers try to get to a company’s financial and customer data. Many phishers even use social media posts to gain trust—and therefore access—to a company’s files to steal.
Outsource Cyber Security If You Can’t Afford Your Own Department
Most small- to medium-sized businesses can’t afford a full-time cybersecurity staff, let alone one with cutting-edge expertise. Those businesses should consider outsourcing security to managed services or a cloud service that does have the manpower and expertise to keep a close eye on their security. Those who do are the most successful.
Monitor Employee Activity for Cyber Attacks
Some cyber attacks happen at the hands of employees. Have sensible restrictions in place to guard your sensitive data from unscrupulous employees.
Make It Difficult for Cyber Attacks to Occur
People don’t leave their office doors unlocked—so why would one do the same thing for their computers and routers? Stiffen security with strong passwords, with frequent security system updates, back up data frequently, encrypt data, and use egress filtering to make it difficult for hackers to get into the system. The more precautions taken, the more likely cyber criminals are to choose a more vulnerable victim.
Protect Home and Business with Cyber Attack Insurance
Finally, for complete peace of mind, consider insurance that can protect businesses or individuals from financial loss, should a cyber attack occur. To find an insurance broker you can trust to provide adequate cyber insurance coverage in case you are impacted by a cyber attack, choose someone whose ratings and reviews from other customers just like you show that they’re capable of handling your insurance needs.
For that, look no further than Advisr.com.au. Our rated and reviewed professionals are trustworthy, experienced, knowledgeable—and ready to serve.
How to Protect Your Business from Cyber Risk
Small businesses are just as vulnerable to cyber risk as are the world’s industrial titans. In fact, given today’s globally connected online environment, small businesses face more cyber threats than any other group. Unfortunately, these cyber attacks are on the rise, since they gain more sophistication with every new technological breakthrough.
Individuals and businesses need to take precautions now to minimise the chance of cyber threats. Here are some ways to protect both home and business from the growing threat of cyber risks.
Cyber Risk Protection Checklist
Don’t use the same password for every account. Mix letters and symbols, switching symbols with letters; for example, ‘$#ogun’ instead of ‘Shogun.’ Use inventive spelling. Combine languages. Never use numbers and letters in sequence, such as ‘abcde,’ or ‘54321.’ In a similar vein, don’t use generic words like ‘password’ or ‘passcode’. People who have difficulty remembering passwords can find an app or software tool, called a password manager, that will store passwords securely and generate them as needed.
Strengthen the security system:
Upgrade to a higher level of anti-virus software. Update it frequently to keep it current. Turn off any unnecessary services. Use two-factor authentication whenever possible for social media and other online accounts. The stronger the online security, the better the chance to avert cyber risk.
Have a backup system:
Consider cloud storage, an off-site service, or even a portable hard drive to back up files. Back up the files frequently to ensure less lost data in case of a breach.
Use patches to update your security system:
It doesn’t take much for a hacker to discover a vulnerability. Run security scans often to reduce the risk of cybercrime. Whenever a new patch comes in, update the system as soon as possible.
Use egress filtering:
Egress filtering keeps unauthorised, sensitive data and malicious software—should a device become infected—from leaving the home or business network.
Make sure that family members and employees are informed and proactive about security. Educate them about phishing and other scams that look like legitimate emails and phone calls, yet are actually ploys scammers use to get security credentials and other personal and corporate data. Don’t leave lists of passwords, documents with sensitive data, or credit cards lying around.
Even if a hacker doesn’t know a device’s sign-on password, they can break into its files with a thumb drive and a little know-how. Protect all of the device’s files from this insidious cyber risk with encryption software.
If something does go wrong, consult an information technology (IT) professional. Dealing with ransomware and viruses isn’t a DIY project. Consult an expert.
Get cyber insurance:
Protect both home and business from all types of cyber risk with an insurance policy tailored to their needs. Cyber liability insurance, too, may be a good idea, particularly if the business deals with its customers’ sensitive data.
Reduce Your Risk of Cyber Threats with the Right Policy
Find a trustworthy insurance broker that’s knowledgeable about cyber risk and how to best protect both home and business from dangers online. Find a trusted, experienced insurance broker on Advisr today.
Cyber insurance in Australia is a necessary purchase these days, with news of even more businesses getting hacked on a daily basis. When a business buys a computer or mobile device, the goal is to make life easier. That’s why it makes sense to insure that device and the data it contains with cyber insurance.
As Internet technology and usage grows even more across the country, so will the need for cyber insurance. In fact, the Australian Government’s Business.gov.au website reports an even greater need for this protection now more than ever before.
Cybercrime on the Rise in Australia
As Australian businesses depend more on online access for everyday tasks, criminals, unfortunately, have taken notice. Cybercrime has risen to new heights as hackers attempt to steal personal and financial information through security breaches and ransomware.
For that reason, many Australians have opted to purchase cyber insurance. Precautions such as updating and strengthening passwords, updating security software frequently, and buying data backup systems are definitely useful. But these steps may not be enough to fend off the most sophisticated cyber attacks. That’s why cyber insurance has become an essential way to better protect your business against the loss of data, equipment, and software.
Cyber Insurance Protects Against Potential Loss Due to Cybercrime
Investing in cyber insurance will give you peace of mind when it comes to protecting your business. Australian industry experts caution businesses that protecting customer data is well worth the investment. They need to protect themselves from the catastrophic loss that would occur should they lose all their data—or lose the funds in their bank account to a cyberthief.
Companies Should Consider Cyber Insurance
- To cover the costs of customer notification: Since businesses must now notify their customers when a data breach occurs, they need to look at the sheer costs involved in notifying their customers, let alone recover from the loss. Cyber insurance can recoup those costs and help the company get back on its feet.
- To cover financial loss: A loss of data can translate to hours and dollars recovering the information. If the company’s bank accounts also were breached, money may be gone as well. A cyber insurance policy can protect a company against such profound losses.
- To cover liability: What happens when a customer suffers such a loss that they feel the need to bring a lawsuit against the company? It pays to have an insurance policy that can cover any damages the Court awards to customers affected by the breach.
Small Businesses, Too, Need Cyber Insurance
Australian small business owners, too, should think long and hard before they overlook the idea of cyber insurance. After all, more than 70 percent of businesses who become victims of cyber theft are small businesses.
The time is now for companies to find the best cyber insurance in Australia for their protection. Do some research to find what type of coverage is necessary and then connect with an insurance broker who is an expert in cyber insurance. With such a broker by your side, you will receive the guidance you need to ensure you have the cyber insurance coverage you need.
Advisr.com.au connects you with insurance brokers you can trust that can handle your specific cyber insurance needs. Find a cyber insurance you can trust on Advisr.com.au today.
Cyber Insurance is a specific type of insurance that provides insurance against the loss caused by malicious cyber activity, commonly called cybercrime. Depending on the breadth of your cyber insurance, some cyber risks maybe covered by your cyber insurance policy, whilst other cyber risks maybe excluded.
Whilst cyber insurance won’t directly protect you against the cybercrime, it can provide an offset against the material business impact that cybercrime may have on your business.
What is Cyber Insurance?
Cyber Insurance offers an offset (insurance) against the financial, business and operational risks that businesses face from cybercrime activities.
A cyber insurance policy is sometimes referred to as cyber risk insurance or cyber liability insurance coverage.
In Australia, about 30% of businesses have experienced a cybercrime incident. Within the US, about one-third of businesses currently purchase Cyber Insurance coverage.
So what is cybercrime?
Cybercrime can take many forms and impact businesses differently. The Australian Cybercrime Online Reporting Network (ACORN) notes that some common types of cybercrime include:
- Online scams and fraud
- Identity theft
- Attacks on computer systems
- Illegal or prohibited online content
Cybercrimes are on the rise in Australia, with over six million Australians being victims of cybercrime in 2017, an increase of 13% from 2016.
Cyber insurance policies can offer protection against many different cyber risks where a business may be exposed. So ensuring that you understand what your specific individual risks might be and how you can reduce your direct exposure to them is critical.
Do standard business packs cover you for cyber insurance?
Some business packs might provide some coverage for cyber insurance, however, Cyber Insurance Brokers that are specialists in cyber insurance should be consulted to gain specific insight and advice that is tailored to you and your business needs. Many insurance brokers will offer to review your current business insurance policies and explore your possible cyber risks to help you understand if your insurance coverage is adequate.
Connect today with an insurance broker who specialises in Cyber Insurance.