Cyber security has become a critical issue for businesses and governments, with one incident reported on average every seven minutes according to the ACSC annual Cyber Threat Report.

‍

Bolstering Australia's Cyber Security

‍

The Australian government's budget showcases its commitment to improving cyber security across the nation. The budget includes:

• $101.6 million over five years (2022-23) to support and uplift cyber security in Australia, including the small business cyber wardens program, critical infrastructure protection, and resilience of Commonwealth entities
• $86.5 million to combat scams and online fraud, including funding for the National Anti-Scam Centre and other agencies
• $50 million over four years (2023-24) for additional enforcement and compliance activities to maintain the integrity of the migration system

These investments signal the government's ongoing commitment to cyber security, particularly with the upcoming Cyber Security Strategy 2023-30, which aims to make Australia the most cyber-secure nation in the world by 2030. While the public consultation process for the strategy closed recently, we expect more substantial cyber announcements in the coming months.

Higher standards from cyber insurers to secure coverage

While a robust cyber security strategy is essential, it is equally important to consider the role of cyber insurance in helping you to mitigate risks and respond to incidents. Cyber insurance can provide financial support and expert guidance in the event of a cyber-attack or data breach, helping you to recover quickly and minimise reputational damage. With the rise and growing severity of attacks, insurers are becoming more critical in accepting risks. That is why they are requiring an organised and proactive effort from organisations to manage their cybersecurity risks.

In 2023, insurers expect clients to have focussed their attention on cyber security practices, more than in previous years. It is reassuring to cyber insurers to know there are minimum levels of controls that can help limit the severity of an incident.

Insurance carriers and cyber underwriting practices will continue to evolve from a traditionally narrow focus on risk factors such as revenue, number of employees, record count, and industry class, to a wider underwriting lens, encompassing loss modeling tools and continual system scanning; both in-house and via outsourced IT security.

How to stay one step ahead

‍

Recent high-profile cyber attacks on companies like Optus, Medibank, and Latitude highlight the need for robust strategies to protect against cyber criminals and safeguard sensitive data.

A comprehensive cyber security strategy should include:

• Regular risk assessments to identify potential vulnerabilities and prioritize areas for improvement
• Employee training and awareness programs to ensure all staff understand the risks and their role in preventing cyber attacks
• An Endpoint Detection and Response (EDR) solution deployed across all endpoints
• Regular monitoring and updating of security systems to respond to evolving threats.
• A well-defined incident response plan to minimise the impact of a cyber attack and ensure a quick recovery

‍

Next Steps

‍

The Australian government's increased laser focus on cyber security in the 2023-24 budget highlights the growing threat landscape and the importance of businesses having a targeted strategy in place.

As we anticipate the release of the Cyber Security Strategy 2023-30, Honan is dedicated to supporting you throughout this process and keep you informed. Please see our Cyber Capability Statement or reach out directly to discuss your business’ unique needs.

‍

Ben Robinson

Placement Manager - Professional & Executive Risks

benjamin.robinson@honan.com.au