The Insurance Council of Australia (ICA) has today welcomed a on cyber risk and the role of insurance in protecting against the impacts of cyber crime.
The report follows the ICA’s report paper, released earlier this year.
Both reports acknowledge that unprecedented growth in digitisation and connectivity has led to increased cyber risk.
Cyberattacks have been increasing in both frequency and severity, exposing businesses to compromised operations, regulatory breaches, and reputational damage.
Government plays a central role in promoting cyber security across the economy, including legislation to protect critical infrastructure and protect personal data, supporting businesses to lift their cyber security and responding to major threats.
Insurers play a role in improving cyber security by working with clients to reduce the risk of a damaging cyberattack and, in the event of a cyberattack, providing technical, legal, and financial support to investigate the source and deal with the consequences for the business and its customers.
Government should increase information to business and the community about cyber risk and promote simple ways, especially to businesses with limited resources, of improving cyber security, including reviewing existing standards.
Despite improving awareness of cyber risk, the role of cyber insurance is not broadly understood, and uptake of cyber insurance is still low relative to other classes of insurance particularly by smaller businesses.
The Insurance Council supports the finding in the Actuaries Institute report that one of the current limitations for insurers writing cyber insurance is a lack of available data.
By making data on cyber incidents available the Government could improve the understanding of cyber risk and the cyber insurance market and assist risk assessment by insurers.
Comment attributable to Andrew Hall, CEO Insurance Council of Australia:
This week’s extraordinary cyberattack on Optus and its customers demonstrates how important it is for large and small organisations to have robust cyber protections in place.
This chilling example reminds us that more needs to be done to protect businesses and organisations from cyber-attacks.
Working in partnership with government, insurers have a key role to play to help businesses protect themselves and recover from cyberattacks.
The Actuaries Institute provides yet another opportunity to discuss how industry and government can work in partnership to tackle this significant challenge.