Aon: Cyber Insurance
Cyber risk and solutions
Small to medium businesses (SME's) in New Zealand are facing an increased threat of security breaches that can affect everyday systems leading to disruption of work flows, additional expense and the loss of critical business and client information.
Managing the risk of human error, criminal activity or nuisance for any business is a relentless task and even more so for SME's who have limited budgets and resources to monitor or fend off such attacks.
These issues continue even when business functions are outsourced to 'rusted' third parties such as IT, marketing, payroll processors, data back-up and cloud service providers.
Could your business sustain a loss between $10,000 and $100,000+?
You may have an exposure if you
What is the scope of cyber coverage?
Policies in the New Zealand market can cover the following:
- 24/7 crisis response team including IT, PR and Legal assistance
- Forensic Investigators to work out issues and get the business up and running
- Loss of income and extra expense during the cyber event
- Costs to restore or recreate data or software
- Notification/management costs (credit monitoring, forensic costs, public relations, legal)
- Cyber extortion - costs to retrieve data or systems held at ransom
- Phone or system hacking - e,g, running up unauthorised phone bills
- Legislative/Payment Card Industry compliance investigations and fines
- Liability from wrongful disclosure of information in your care
- Website and advertising activities causing defamation or infringement of intellectual property rights
Cyber Event Scenarios
A virus infection was discovered on office desktop workstations, servers and ancillary devices including printers.
The virus left the computer systems impaired, requiring clean-up work to restore normal operation.
There was no apparent loss of data or privacy breach.
This incident was minor relative to many cyber claims, due in part to the speed of response. No legal or reputational costs were incurred however it is advised that costs in the region of $35,000 were paid in relation to data restoration and business interruption.
Rogue Employee deletes information
A disgruntled employee resigned from an insured law firm erased all accessible hard drives and removed the firm's intellectual property and primary information from back-up systems.
A response team worked closely with the firm to recreate all of the applications and information that had been erased. The insurer estimates $300,000 in costs were reimbursed to the insured.
The IT manager of an motor vehicle parts business discovered that a file which was not part of the company's website was being used to steal payment card information.
The insurer reports the claim cost in the region of $10,000, the majority of which was in respect of forensic auditor costs.
A professional services firm was billed an additional $30,000 for what turned out to be unauthorised international calls made from a company phone. Had the firm had appropriate cover in place for telephone hacking these costs may have been covered.