Do you process, transmit or store more than 10,000 financial transactions per year?
YesNo, less than 10,000
Do you use and keep up to date firewalls and anti-virus protection for all systems?
YesNo
Do you use third parties to complete audits of your system and security on a regular basis?
YesNO
Are all portable devices password protected? (mobile phones, laptops, tablets, etc)
YesNo
Do you have encryption requirements for all data including portable media?
YesNo
Do you have back-up and recovery procedures for business critical systems, data and info assets?
YesNo
Do you outsource any part of your network, including storage?
Yes, we use third party providers.No, all managed in house
Do you store sensitive information on web servers?
YesNo
Do you know of any loss payments, fines or penalties being made on your behalf?
YesNo
Are you aware of any matter which might give rise to a claim or loss under such insurance?
YesNo
Have you suffered any loss or claim but not limited to a regulatory, governmental or administrative action brought against you, or any investigation or information request concerning any handling of personal info?
YesNo
The applicant or any subsidiaries have any knowledge of any loss payments, fines or penalties being made on behalf of any applicant or any person proposed for coverage any cyber policy or similar insurance?
YesNo
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.
Business Insurance Quote
Contact details:
Sections
Property & Contents
Yes, please quoteNo, thank you
Public & Products Liability
Yes, please quoteNo, thank you
Cyber Liability
Yes, please quoteNo, thank you
Theft & Money
Yes, please quoteNo, thank you
Computers & electronic equipment
Yes, please quoteNo, thank you
Business Interruption
Yes, please quoteNo, thank you
Machinery Breakdown
Yes, please quoteNo, thank you
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.
Cyber crime & security tips from experts you can apply to your business
As cyber crime becomes more pervasive in business life the importance for employee education and security procedures is paramount. Norton has compiled a list of basic information on how you can prevent online fraud.
1. Keep your computer current with the latest patches and updates
Applying patches and other software fixes as soon as they become available is one of the best ways to keep criminals away from your sensitive information. Software manufacturers regularly update versions to include newly found software vulnerabilities that attackers could otherwise exploit.
While staying up to date will not stop all attacks, it can make the process more difficult and potentially discourage attackers from accessing to your system.
Most recent versions of popular software can be configured to download and automatically update, giving you a great start toward keeping your business secure online.
2. Make sure your computer is configured securely
Ensuring your online applications such as web browser, antivirus and anti spyware, online storage and email software are configured correctly is one of the most important areas to focus on.
Choosing the right level of security and privacy for a business depends on many variables and is best reviewed by your IT department or an independent security analyst.
Insure your business against cyber crime.
3. Choose strong passwords and keep them safe
We use passwords frequently for everything from online banking, social media and shopping to logging into our favorite airline Web site. As a result, choosing a strong password that cannot easily be guessed has never been more important to prevent becoming another victim of cyber crime.
Typically a strong password will have 8 or more characters and use a combination of letters, numbers and symbols (e.g. #3%9&@6). Avoid using any passwords which use your login name, are based on personal information such as name or date of birth and avoid words in the dictionary. Keep your passwords in a safe place and make sure not to use the same password for multiple online services.
Resetting passwords regularly or at least every 90 days can also limit the damage caused by an attacker who has already gained access to your account.
4. Protect your computer with security software
Security software necessities include firewall and antivirus programs. A firewall is usually your computer’s first line of defense-it controls who and what can communicate with your computer online and isolates bad traffic such as attacks from ever reaching your system.
The next line of defense is more often than not, antivirus software. Most antivirus software is designed to monitor all online activities such as email messages and web browsing and protects an individual from viruses, worms, Trojan horse and other types of malicious attacks. Spyware and unwanted programs such as adware are usually picked up from a good antivirus package like Norton Antivirus, McAfee Antivirus 2017, Kaspersky 2017, Avast Pro Antivirus and Bitdefender total security.
Insure your business against cyber crime.
5. Protect your personal information
It is always prudent to exercise caution when sharing personal information online such as your name, address, contact number and email address. As more online services require your information for subscriptions, newsletters and shipping your purchases it is nearly impossible to transact online without divulging personal details.
Keep an eye out for suspicious or fraudulent email messages – Suspicious messages with misspellings, poor grammar, odd phrasings and website addresses with strange extensions
Don’t respond to email messages that request personal information – Legitimate companies will not use email messages to ask for your information. When in doubt, contact the company
Avoid fraudulent websites which are used to gather personal information – Fraudsters often forge malicious links to make them look convincing
Pay attention to privacy policies on websites and in software – It is important to understand how an organization might collect and use your personal information before you share it with them
Guard your email address – be careful when posting your email address online in newsgroups, blogs or online communities
6. Online offers that look too good to be true usually are
“Free” software and guides such as screen savers, investment tricks, emoticon packs, contests and instant millionaire guarantees are some of the alluring attention grabbing techniques these companies use. The software or guide usually comes packaged with hidden advertising or monitoring software that tracks your behavior and habits ultimately being given to another group without your knowledge.
Ultimately, the old saying “if it seems too good to be true, it usually is” is again accurate.
7. Review bank and credit card statements regularly
Identity theft and online scams can be greatly reduced if caught promptly after your data is stolen or when the first use of your details is attempted.
Reviewing your monthly statements and online banking transaction history regularly is one of the easiest ways to stay on top of and report any incidents to your bank and credit card providers. Many financial institutions use fraud prevention services to identify unusual purchases and prevent the transaction in real time before any funds are charged, these systems are not perfect though and some transactions are still approved.
If your bank catches the transaction they might call you to confirm the unusual order, don’t ignore these calls as they are a good sign something or someone is attempting to access your details which are now compromised.
Trade secrets stolen in cyber attack on ThyssenKrupp AG
One of the world’s largest engineering firms ThyssenKrupp has released a cyber security statement. The release indicates they have been the victims of “organised, highly professional hacker activities” earlier in 2016.
The corporation consists of 670 companies worldwide. While ThyssenKrupp is one of the world’s largest steel producers, the company also provides components and systems for the automotive industry, elevators, escalators, material trading and industrial services. As of a 2009 reorganization, it is structured into eight business areas that fall under two major divisions, Materials and Technologies
“The incident is not attributable to security deficiencies at Thyssenkrupp. Human error can also be ruled out. Experts say that in the complex IT landscapes of large companies, it is currently virtually impossible to provide viable protection against organized, highly professional hacking attacks. Early detection and timely countermeasures are crucial in such situations. Thyssenkrupp has been successful in both respects” stated Robin Zimmermann, head of external communications.
The breach which was discovered in April 2016 after a series of additional breaches were discovered by the company’s internal security. The original breach was traced back to February 2016 and was caused by hackers located in southeast Asia.
Trade secrets and project data have been stolen from the plant engineering division. Other areas are still yet to be fully investigated in what is now the second major cyber breach since 2012 for the engineering giant. In 2012 TKAG and Airbus parent company EADS had also been targeted by Chinese hackers. In September 2015 China and the U.S. agreed not to target each other for cybertheft of intellectual property. This is a major step in the right direction and indicates their compliance with these tactics towards other targets.
Insure your business against cyber crime.
“It is important not to let the intruder know that he has been discovered,” a spokesman said. The news of the breach was not publicly announced until the company had cleansed the infected systems in one global action and implemented new security measures to monitor its computer network.
Within its marine systems unit, which produces military submarines and warships no breaches have been found.
The Australian federal government has successfully appointed Craig Davies as CEO for the new not-for-profit company Australian Cyber Security Growth Network Ltd in December 2016.
For the past 3 years Craig was previously the head of security for Australian enterprise software giant Atlassian. Mr Davies has over 25 years experience in the industry and has been a long time advisor for start-ups on security.
Insure your business against cyber crime.
Greg hunt, minister for innovation has stated “[The centre] will bring together industry, researchers and governments to create a national enterprise that will provide the foundation for the development of next generation products and services needed to live and work securely in our increasingly connected world,”
The new centre which was announced earlier this year as part of the national innovation and science agenda will cost $32 million and be positioned next to Data 61’s national cyber security centre in the Docklands.
Mr davies will be joined by Data61’s Adrian Turner and Doug Elix as the centre’s joint chairs.
As technology steamrolls ahead at an alarming rate so does the possibility of a cyber threatsfrom not just an external hacker but also from an organisations own workforce.
Earlier this year at a Risk and Insurance Management Society forum in Melbourne experts from around the globe gathered to discuss the future of cyber insurance for commercial and government exposures.
Using untested equipment(USB devices, laptops, tablets, phones) which have been infected on work equipment
Malicious damage by IT staff who had access to the system after dismissal
Carla Liedtke, Asia-Pacific Director of Control Risks stated “There are four groups initiating cyber threats, starting with criminals looking to extort money, the second group is national states, and there are 60 countries in the world with cyber programs.
“The third group is ‘hacktivists’, who have a cause to push, but all these can work with people within the organisation.”
Ms Liedtke says internal threats can be driven by money or sympathy for a cause and innocent staff unwittingly opening emails with malware links can also activate attacks.
“Today it is not a question of if you will you suffer a cyber attack, it is when. It is important to have clear, defined roles in the threat crisis team when the attack does occur.”
Tricia Hobson, Partner at Norton Rose Fulbright spoke about a lawyer’s role to mitigate the risks which follow a cyber breach.
“It is important to know who you tell of a security breach,” she said. “In Australia there is no mandatory obligation to notify of breaches.”
The US has breach reporting laws, but they are different in each state. This would affect an Australian company with overseas customers if credit card details were stolen, Ms Hobson says.
“Australia is now the second most litigious country in the world, and a breach is a ready-made class action.
In a joint study with Cambridge University, the Lloyd’s insurance giant has ranked Sydney 12th out of 301 global cities in terms cyber attack exposure with $4.86 billion ($6.36 billion) of GDP at risk for 2015 – 2025.
In its City Risk Index 2015-2025, Lloyd’s also ranked other Australian cities in the study, Melbourne’s economic risk was measured at $US3.87 billion ($5.06 billion), followed by Canberra at $US2.8 billion ($3.66 billion).
Brisbane’s risk was $US2.05 billion ($2.68 billion), Perth’s $US1.83 billion ($2.39 billion) and Adelaide’s $US1.01 billion ($1.32 billion).
Globally, Lloyd’s warns that $294 billion is at risk as attempted and successful cyber attacks become more prevalent.
“We are living in a world where people carry a globally connected supercomputer in their pocket and almost every important work document is stored in the cloud, on servers or online. The result is an explosion in the potential for cyber risk.” Lloyd’s Global CEO Inga Beale stated during a recent visit to Sydney.
“The latest series of high-profile data breaches is just the beginning,” she said. “With the emergence of the Internet of Things, the potential for cyber risk is enormous.”
Lloyd’s has seen the amount of Cyber Insurance coverage increase 168-fold in the past two decades in Australia with more businesses seeking to protect themselves.
In the US 25% of businesses now have cyber insurance. Europe should catch up after the EU introduces its General Data Protection Regulation in 2018.
The regulation, with implications for Australian business holding European customer data, requires disclosure of breaches to national data protection authorities and potentially affected individuals.
