follow us
Planning your next holiday? Find an ATAS accredited agent here » ATAS Logo


If you're a new user and do not yet have a username/login.

Register Now

Participant Zone

Accredited ATAS participants click here for access to the secure business support area.


Returning users log in to commence or access your ATAS application.

My AFTA Login

News Hub

« Back

Cyber Attacks | No Business Is Safe

27 April 2022

Cyber-attacks and Data Breaches in Australia are on the rise. Attacks can be diverse and can range from a simple server hack from an unknown third party to ransomware attacks and phishing emails.

    • Ransomware is a form of malware which can disable your systems. This form of virus can lock down files and sensitive data of yours and your clients and held for ransom in exchange of huge sums of money.
    • Phishing emails are targeted to the receiver and can either involve a request from the sender to transfer funds or the email itself includes a dangerous link or file, the sender is usually acting as a trusted third party, it could be either a customer, client or a business you regularly deal with.

Cyber-attacks are not limited to one industry or type of business. These events have reached small local businesses to global corporations. In recent events, we have even seen our own Government being affected by a data breach.

IBM Security in partnership with Ponemon Institute released their 2021 Cost of a Data Breach Report. Their key findings are that the year 2021 had the highest average cost of a data breach in the 17-year history of this report. Data breach costs rose from USD 3.86 million to USD 4.24 million. The most common initial attack path, compromised credentials, was responsible for 20% of breaches at an average breach cost of USD 4.37 million.

Businesses large and small are facing massive expenses and increased likelihood of events. All businesses collecting and/or dealing with personal information in Australia should review their privacy procedures to ensure compliance and put in place risk management measures to make sure the financial impact of such a breach does not impact on the organisation.

Risk Management

    • Incident Response Team and Plan– by having a dedicated person and or team to arrange an incident response plan when an event occurs will allow a response to an event to be implemented quickly. This can help mitigate damages and costs.
    • Encrypt Data – with all employees accessing network via many different types of mobile devices (from mobiles to laptops) a breach can occur from simply losing a phone. If the device is lost or stolen, the data cannot be used which will mitigate the potential exposure.
    • Network Security Policy – A current and enforced network security policy should outline the organisational rules for appropriate use of an organisation’s computer resources. The policy should include strong password protocols, website access and usage restrictions and appropriate email usage.

Insurance: Cyber Security & Privacy Protection

Cyber Insurance Policies are available in the market for all types of businesses. The purpose of these policies is to assist you when a Cyber-attack or event occurs. Cyber policies provide cover not only for the financial consequences of an attack but also offer covers such as 24/7 incident response hotline to assist you in the first instance of an attack and a Public Relations service to support your business in maintaining its image, reputation and customers trust after an event.

The other coverages that can be obtained are:

Third party coverage for:
    • Security and privacy liability including cover for regulatory proceedings defence costs
    • Civil fines and penalties cover
    • Internet media liability

First party coverage for Privacy breach costs including:
    • Forensic investigation expenses of a company’s computer system to determine the cause and extent of the privacy breach
    • Cyber Extortion Threat and Reward Payments
    • Cost of notifying client or data compromise
    • Digital asset replacement expenses cover
    • Business income loss

Gow-Gates specialises in this type of risk placement, so if you believe that this issue is relevant to your business, please feel free to contact Gow-Gates Insurance Brokers on (02) 8267 9999 to discuss your circumstances or to obtain a quotation.

Gow-Gates Insurance Brokers advises that persons should not act on the material contained in this article as the items are of a general nature only and may be misinterpreted. We therefore recommend that advice be sought before acting in these areas.

* Statistics provided by IBM Security Cost of a Data Breach Report 2021