Top 5 cyber insurance myths debunked

Top 5 cyber insurance myths debunked Cyber-attacks and cybercrime have been a hot topic for the last few years. Every week there’ s a new update on cyber risks to business, the likelihood of an attack and big news stories such as WannaCry, Red Cross and Ashley Maddison. At Aon, we know that claims are on the rise, and we all know that Data Breach Notification Laws are here to stay. But what is the actual risk to you? And if you are a small business do you really need insurance? We tackle a few common cyber insurance myths and present some local cases and statistics that may help you decide if the risk is worth the cost.

1. “I am not a large business, cyber is just not an exposure for me.”
Hackers are increasingly targeting small businesses as that data security tends to be less advanced than larger businesses. In The Small Business Cyber Security Best Practice Guide, the Australian Small Business and Family Enterprise Ombudsman asserts that:
• 43% of cybercrime targets smaller businesses
• 22% of smaller businesses hit by cyber-attacks are so badly affected they cannot continue operating.
• 60% of smaller businesses that experience a significant cyber breach go out of business within the next 6 months

2. “My IT guy knows his stuff, he is a guru.”
Firewalls, a quality IT team and antivirus protection are all great strategies around data protection, but they are not the silver bullet. Ask yourself this, how could companies Yahoo, JP MorganChase, eBay and Target Stores with their large IT teams and robust IT systems still experience data and security breaches , resulting in significant financial losses running into the millions, as well as reputational damage to their business?

3. “We don’t hold credit card or financial records why would someone want to target my business?”
For a small business, like a chiropractic practice, the bigger risk is the interruption to your business even though you might not have such sensitive information as credit card data or financial records. The cyber-attack may include social engineering or cyber extortion. As a small enterprise you are more likely to have unique product offerings, client information, invoicing and payment records. You may also have intellectual property that has been built over years of operation which is key to your success and also an asset within your business. It is not necessarily about the data being useful to the hacker; it’s how the data and records are useful to your organisation, and important, how well (or how long) your business could function without them.

4. “I outsource to a Cloud provider – they’ll take care of it.”
When outsourcing to a third party (60% of Australian companies use cloud computer services), you don’t outsource your liability or responsibilities for the data that is managed externally. You will still be liable if a breach occurs at your service provider’s end. If your clients are providing you with their information (whether it be corporate information or personal), you have a duty of care, and are responsible for the safety of that information.

5. “I’ve got insurance, I am fully covered for any cyber exposure.”
Are you? Traditional professional indemnity insurance policies were never designed to cover cyber risks and will only ever provide partial cover, if any at all. It is important to do your homework and clarify what is covered in your professional indemnity insurance policy and what limitations are associated with it. If you do your research and find out that your professional indemnity policy does not have any cyber cover or very limited cyber cover, then you might want to consider getting cyber insurance. Cyber insurance helps to protect you against certain cyber related threats, such as unauthorised access to your computer system of network resulting in loss or theft of data. To find out more about cyber insurance or get a quote please visit, email or call 1800 805 191.
Print Friendly, PDF & Email
As a featured guest at the 2021 Chiropractic Australia Summit Online, Dr Andrew Vitiello delivered a timely and insightful presentation about overcoming internal and external roadblocks that can arise throughout the CPD process. Dr Vitiello shared a number of key insights into how to avoid overwhelm and uncertainty on the learning journey, as well as how to apply a metacognitive approach to shifting our perspective to see CPD as an exciting and transformative opportunity to grow; rather than merely a necessary obligation to fulfill our requirements as registered healthcare professionals.
After graduating from RMIT University in 1994, Dale spent three months at the Royal Saskatoon Hospital, Saskatchewan, Canada before returning to Australia in 1995, Dale commenced work as an associate at the Heidelberg Chiropractic Clinic and took over as principal in 2000. Dale’s practice focuses on general chiropractic practice and incorporating evidence-based practice with low tech rehabilitation. Through his position on the Chiropractic Australia board, Dale has been integral in the development of compliance issues for chiropractors and their clinics across Victoria.
With registration renewal process opening shortly for chiropractors, Chiropractic Board of Australia Chair – Dr Wayne Minter AM – has provided a summary of key topics and guidance regarding the annual requirements; from covid-safe CPD opportunites, to first-aid training, financial hardship and compliance with advertising regulations. At renewal, you will be asked important questions about how you are meeting the Board’s registration standards including criminal history, professional indemnity insurance, recency of practice and continuing professional development.

Member login

For latest COVID-19 updates in your State
This is default text for notification bar