Security Advisory

Cyber Insurance Costs Rise 40%

Read Time 3 mins | 07 January 2025

Australian businesses are witnessing an alarming surge in cyberattacks, with ransomware, malware, and phishing emerging as predominant threats. Many Australian businesses are becoming frequent targets of these sophisticated cyber incidents, leading to substantial financial losses and a notable increase in insurance claims. This rise in cybercrime has consequently driven up insurance premiums, with some Australian companies experiencing increases as high as 40%.

In response to this escalating threat environment, Australian insurers are tightening their underwriting standards. They now demand more rigorous cybersecurity measures from businesses before offering coverage.

Key Factors Contributing to Increased Premiums

The following key factors are the key contributors for Australian businesses' rise in Cyber insurance costs:

  1. Increased Cyber Threats: The surge in remote work has led to more cyber threats, such as ransomware attacks and data breaches, resulting in more insurance claims. This increased frequency and severity of attacks force insurers to raise premiums and tighten underwriting requirements.

  2. Higher Costs of Cyber Incidents: The average cost of a data breach is now $4.45 million. This high cost makes going without cyber insurance a risky decision for businesses. Insurers are also more selective, offering stricter terms and conditions.

  3. Demand for Robust Cybersecurity Measures: Insurers require businesses to demonstrate robust cybersecurity practices, such as multi-factor authentication, regular patching, and comprehensive incident response plans, to qualify for coverage. These measures are crucial for obtaining and maintaining cyber insurance.

  4. Market and Economic Factors: The cyber insurance market has seen increased demand, but also increased uncertainty. The growing number of policies and the escalating costs of cyberattacks have made it challenging to price and offer coverage. This has led to reduced coverage limits and higher premiums for high-risk sectors like healthcare and education.

  5. Talent and Resource Challenges: The shortage of skilled cybersecurity professionals has driven up the cost of hiring and retaining talent, further increasing operational costs for organisations. This shortage also impacts the effectiveness of cybersecurity measures, contributing to higher risks and insurance costs.

What You Can Do To Reduce Your Premium

Reducing your cyber liability insurance premium involves several strategic measures to enhance your cybersecurity posture and demonstrate to insurers that your business is a lower risk. Here are some key steps you can take:

  1. Implement Robust Cybersecurity Hygiene:

    • Multi-Factor Authentication (MFA): Ensure MFA is enabled for all critical systems and sensitive data access points.

    • Regular Software Updates and Patch Management: Keep all software, systems, and applications up to date with the latest security patches to prevent exploitation of known vulnerabilities.

    • Encryption: Encrypt sensitive data both at rest and in transit to protect it from unauthorised access.

    • Firewalls and Antivirus Software: Use firewalls and antivirus software to detect and block malicious activities​.

  2. Conduct Regular Security Assessments:

    • Vulnerability Assessments and Penetration Testing: Regularly test your systems for vulnerabilities and address any weaknesses found.

    • Risk Assessments: Conduct comprehensive risk assessments to identify potential threats and mitigate them proactively​.

  3. Develop and Maintain Cybersecurity Policies and Procedures:

    • Incident Response Plan: Have a clear and tested incident response plan in place to quickly respond to and mitigate the impact of cyber incidents.

    • Employee Training: Conduct regular cybersecurity training for employees to raise awareness about common threats like phishing and social engineering​​.

  4. Documentation and Reporting:

    • Detailed Documentation: Maintain detailed records of your cybersecurity measures and improvements. This documentation can be shared with insurers to demonstrate your commitment to security.

    • Incident Reporting: Promptly report any security incidents and your responses to them. This shows that you are actively managing risks​​.

  5. Choose the Right Coverage:

    • Tailored Policies: Work with your insurance broker to customise your policy to fit your specific needs and risks. Avoid paying for unnecessary coverage.

    • Competitive Bidding: Get quotes from multiple insurers to ensure you are getting the best rate for the coverage you need​​.