Lloyd’s requirement for cyber war exclusion in Cyber Insurance policies is now a reality

Lloyd’s requirement for cyber war exclusion in Cyber Insurance policies is now a reality

Date

By March 2023, all cyber policies written by Lloyd's Syndicates and Lloyd's coverholders must include suitable war exclusions for losses resulting from state-backed cyberattacks, as announced by Lloyd's in August 2022. With this mandate in mind, the Lloyd's Market Association (LMA) developed four model cyber war exclusions as market standards. These exclusions exclude "cyber operations" and "war", both defined terms in the exclusions. The cyber war exclusion replaces long-standing war exclusions that lacked modern definitions and have become less relevant in the cyber world.

What Happened in the Not-Petya Cyber Attack


What happened in the “Not-Petya” attack in June 2017 best exemplifies the significance of the bystander cyber asset write-back. The US, UK, and Australian governments blamed the Russian military on behalf of the Russian government for the attack, which targeted critical infrastructure in Ukraine. The attack had an impact on some Australian businesses, including Cadbury.
With cyber-attacks on the rise and the lines between government-sanctioned actions and state-sponsored threat actors becoming increasingly blurred, protection for innocent bystander cyber assets is critical.


What is considered a cyber war?


A cyber war is a form of conflict between two or more nations or groups that involve the use of technology, particularly computer networks and the internet, to launch attacks on each other’s computer systems, networks, and infrastructure.

A cyber war may involve a wide range of activities, such as hacking, virus and malware attacks, denial-of-service attacks, and other forms of cyber espionage and cyber sabotage. The goal of these attacks may be to disrupt critical infrastructure, steal sensitive information, damage systems, or gain a strategic advantage over the opposing side.

The term “cyber war” is often used interchangeably with “cyber conflict” or “cyberattack,” but it generally refers to a more sustained and coordinated effort to disrupt or damage an opponent’s computer systems and networks rather than isolated incidents of hacking or cyber espionage.



Does the Australian government have a cyber war fund?


Yes, the Australian government has a cyber war fund known as the Australian Cyber Security Centre (ACSC) Fund. The ACSC Fund was established in 2016 to support cybersecurity initiatives and assist in protecting Australia’s critical infrastructure, networks, and systems from cyber threats. The fund is managed by the Department of Home Affairs and provides financial support for cybersecurity research, development, and education initiatives, as well as for the development and enhancement of cybersecurity capabilities within the government and the private sector. The fund is intended to support Australia’s efforts to defend against cyber threats, respond to cyber incidents, and build resilience against future attacks. Read more https://www.cyber.gov.au/acsc/small-and-medium-businesses

More
articles

What Is the Essential Eight Maturity Model

What Is the Essential Eight Maturity Model

Date

The Essential Eight Maturity Model is a framework developed by the Australian Cyber Security Centre to guide organizations in improving their cybersecurity posture. The model consists of eight mitigation strategies, including application control, patching applications, patching operating systems, privileged access management, endpoint protection, data backup, limiting lateral movement, and multi-factor authentication. The model is designed to help organizations assess their current level of maturity in implementing these strategies and provides guidance on steps to take to improve their cybersecurity posture. The mitigation strategies are considered essential because they can effectively address the most common cyber threats.

The Essential Eight Maturity Model

  1. Mitigation strategies
  2. patching applications
  3. patching operating systems
  4. privileged access management
  5. endpoint protection
  6. data backup
  7. limiting lateral movement
  8. multi-factor authentication

More
articles

Security risks in digital supply chain’s

Security risks in digital supply chain’s

Date

Production and supply chains are constantly yo-yoing in the midst of Covid-19life. From a digital perspective, Cyber supply chains are complex series of interactions across the lifecycle of all products and services used by an organisation. Think every time your business interacts with a supplier, orders from a manufacturer, distributor or retailer there is an inherent risk.

What happens if a one of these interactions or partners are targeted by cybercriminals? Supply chain risk mitigation is an essential component of risk management strategies and information security programs.

The more a business adds to its online ecosystem, the more opportunity cybercriminals have. Digital risks are the unavoidable byproduct of digital life, and when unaddressed, these risks can develop quickly into supply chain threats such as Ransomware attacks, Security breaches, Malware infection, and Intellectual property theft. But the risk for Cyber Supply chains dont stop there.

With many organizations relying on outsourcing to handle at least some aspects of their day-to-day operations, third-party risk should be front of mind. Supplier fraud, or vendor fraud events are becoming increasingly difficult to identify, as fraudsters commonly adopt advanced social engineering techniques, using everything from AI-generated voicemails and Deepfake video recordings. Fraud is still on the rise since its sudden prevalence during the pandemic. Australians have lost over $270,000 to these scams so far this year, an increase of 301%.*

Finally, Data integrity throughout the supply chain is a significant area of security concern. Security measures should ensure all data states are secure. Data encryption practices are especially important between third-party integrations because hackers know that a target’s third-party vendor likely has access to their sensitive data. Earlier this month, Email marketing service Mailchimp revealed a data breach that resulted in the compromise of an internal tool to gain unauthorized access to customer accounts and stage phishing attacks.

Cyber insurance can help cover financial losses to your business, your customers and other parties following a cyber security breach. It is important to understand the PDS of the Cyber policy chosen to ensure you are adequately covered, as not all policies offer protection from all the security risks noted.

Speak to our team to find out how we can assist business owners with peace of mind and protection against cyber-attacks, such as computer hacking, ransomware and data theft. Keep in mind, what is covered and what is excluded will vary between policies, it is important to work with your Cyber Insurance Comparison Broker to ensure your Cyber policy is suitable for your needs.

Article originally shared via Ausure.com.au

More
articles

How to protect yourself from cybercrime

How to protect yourself from cybercrime

While you’re on your phone or laptop, would you like a crash course on cybercrime and how you can be protected? If the answer is no, then you probably already have cyber insurance cover on your business or home. If yes, read on...

What is cybercrime?
Basically, it is identity theft, online scams, cyberbullying and financial fraud, committed via computers or other digital devices.


Who does it relate to?
These numbers tell the story. Maybe you are less exposed if you live in a cave, off the grid in the middle of Australia with no phone and internet. But even then, you have some details recorded on the internet like your Tax File Number, and registered address for your cave…

sourced from Emergence

Even if you take out cyber insurance, what are your responsibilities?
Don’t re-use passwords or share passwords. Make sure to use multi-factor authorisation, like when you get a verification code as an SMS. Aside from that, generally, be vigilant, ensure you’ve installed good anti-virus software on your devices and don’t open links you’re unsure of. We can all do more, but this is a good start

Small business claim example

Compare Cyber Insurance Policies 5 Staff

Compare Cyber Insurance Policies $1M turnover

BACKGROUND

The Insured’s employee inadvertently misplaced a company laptop, which contained a list of 1000 client tax records and credit card details.

OUTCOME

A total cost of $250K was paid for the cost of notifying the affected individuals and the privacy commissioner of the data breach. This also included the costs incurred in retaining a Public relations firm to assist the insured in re-establishing their business reputation. 

Payment: $250,000

Cyber Crime

If you’re reading this article and you’ve never thought about protecting yourself, your family or your business against cyber offences,

Share This Post

More To Explore

News

Lloyd’s requirement for cyber war exclusion in Cyber Insurance policies is now a reality

By March 2023, all cyber policies written by Lloyd’s Syndicates and Lloyd’s coverholders must include suitable war exclusions for losses resulting from state-backed cyberattacks, as announced by Lloyd’s in August 2022. With this mandate in mind, the Lloyd’s Market Association (LMA) developed four model cyber war exclusions as market standards. These exclusions exclude “cyber operations” and “war”, both defined terms in the exclusions. The cyber war exclusion replaces long-standing war exclusions that lacked modern definitions and have become less relevant in the cyber world.

News

What Is the Essential Eight Maturity Model

The Essential Eight Maturity Model is a framework developed by the Australian Cyber Security Centre to guide organizations in improving their cybersecurity posture. The model consists of eight mitigation strategies, including application control, patching applications, patching operating systems, privileged access management, endpoint protection, data backup, limiting lateral movement, and multi-factor authentication. The model is designed to help organizations assess their current level of maturity in implementing these strategies and provides guidance on steps to take to improve their cybersecurity posture. The mitigation strategies are considered essential because they can effectively address the most common cyber threats.

Five tips to protect against ransomware attacks

Ransomware attacks are one of the most common forms of cyber attack in Australia. How can you protect your business?

Ransomware hackers steal businesses’ files and demand ransom payments to get them back. The attacks can be devastating financially for companies that are not prepared.

For example, the WannaCry attack hit 200,000 victims in 150 countries.

If you run a business, follow these five tips to safeguard yourself and your business against such attacks.

1. Update your software

Pay close attention to the software you use. Emergence Insurance recommends you alway accepting options to update or patch your operating system and other key applications immediately updates are available. Updates are often designed to strengthen cyber security.

2. Install antivirus software

Regular software updates alone do not ensure your systems are protected. Viruses are still a threat because they constantly evolve. Guard against them by running a reputable antivirus tool and remember to update your software immediately when updates are available.

3. Use common sense on the internet

Be smart about not exposing yourself to cyber attacks. Think before you click on unfamiliar links and don’t open strange email attachments. Delete all emails that look suspicious.

4. Backup your files often 

Create backups of all your files often. It’s a simple, effective way to ensure that if ransomware thieves steal your files and hold them hostage, the thieves have no leverage against you.

5. Develop a cyber security plan

Develop a long-term plan to strengthen your business’s cyber security. It should include educating your employees; upgrading hardware and software; building a business continuity plan; and buying cyber insurance protection to safeguard your business financially in the event of a cyber attack.

 

Source

Emergence Insurance

Emergence Insurance is here to protect all businesses – large and small – against cyber risks. In fact, that’s all we do, so we’re the specialists in the field.

 

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

How can I protect myself against the WanaCry Ransomware?

WanaCry Ransomware

To best avoid infection of this sort we advise that the following steps are taken to maximise your system protection.

How can I protect myself against the WanaCry Ransomware?

You can protect yourself against the ransomware in the following ways:

  • Ensure you have a valid corporate Antivirus subscription
  • Ensure your Antivirus is up to date
  • Ensure that port 445 is closed on your network
  • Ensure you are up to date with all Microsoft updates on your server and workstations
  • Back up your data with an external hard drive or to the cloud

Please contact your local IT Support if you are unsure if you are protected, or may have the ransomware on your computer.

Need Cyber Insurance?

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrant the accuracy of any information contained therein, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Latest Trends in Cybersecurity

Trends in Cybersecurity

The release of the latest Cisco security report shows that the cost of data breaches amounted to more than 20% of revenue on top of a substantial loss of customers and opportunities for more than a third of the organisations breached in 2016.

Some of the report’s major findings included

  • Ransomware is dominating the malware market although it is not a new threat it has evolved to become the most profitable malware type
  • Adobe Flash vulnerabilities continue to pose a prominent threat
  • There is a false sense of security about secure connections

Recommendations from Cisco researchers include:

  • Instituting and testing an incident response plan that will enable a swift return to normal business operations following a ransomware attack
  • Not blindly trusting HTTPS connections and SSL certificates
  • Moving quickly to patch published vulnerabilities in software and systems, including routers and switches that are the components of critical Internet infrastructure
  • Educating users about the threat of malicious browser infections
  • Understanding what actionable threat intelligence really is

Full Cybersecurity Report Click Here

Need Cyber Insurance?

Compare Cyber Insurance

1300-Insure

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

First ever OS X ransomware encrypts your data and asks for money

Safety concept

First ever OS X ransomware

Ransomware is a particularly nasty piece of malware: After your computer is infected, it encrypts your data and refuses to give you the key unless you pay its makers a sum of money. Save for any glaring mistakes in the malware’s implementation, paying up is usually the only feasible way to get your data back, especially if you don’t have a backup.

Now, according to security company Palo Alto Networks, the first functional ransomware that operates on Apple’s OS X has been discovered.

Read More

Source mashable.com

Compare Australian Cyber Insurers

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs