A third of organizations in Australia and New Zealand now have some form of cyber insurance

Organizations in Australia and New Zealand are increasingly turning to cyber insurance as a way of helping to manage the risk of a security breach.

According to the second annual Cyber Security Survey (PDF) from accountancy and business advice firm BDO, 37% of companies now have some form of cyber liability insurance, up from just 28% last year.

Of those that do, around half have a standalone specialist policy, with the rest arranging cyber cover as an add-on to an existing insurance policy.

While most organisations were using a broker to arrange their cyber insurance, the researchers found, only 28% had undertaken a formal assessment process – internal or external – before buying their insurance cover.

“This lack of expertise and formal assessment approach could potentially leave organisations exposed in purchasing the wrong cyber insurance, which may not respond as expected in the event of a cyber-related incident,” the report’s authors say.

They advise to identify an organisation’s real unique threats and establish appropriate limits based on that risk exposure – including possible coverage for the actions and omissions of third parties.

Companies should also ‘test’ the effectiveness of a policy before buying it by examining how it holds up in various different scenarios, they say.

The survey coincides with a separate report (PDF) from insurance company Allianz, which reveals that cyber incidents now join business interruption as the leading risk for companies globally.

The financial risk, says the firm, can be enormous.

“Cyber incidents are increasingly likely to spark litigation, including securities and consumer class actions,” says Allianz. “Data breaches or IT outages can generate large third-party liabilities, as affected customers or shareholders seek to recoup losses from companies.”

A spokesperson for Australian insurance firm IAG tells The Daily Swig that it has been seeing a steady increase in the uptake of cybersecurity insurance policies in the region over the last three years.

“Cybersecurity has become one of the biggest issues facing businesses and individuals today,” he says. “Cyber insurance products are becoming increasingly important for business owners, and the growth of the industry has been exponential.”

RELATED Risky business: Navigating the murky waters of cyber insurance