July 2024 Market Update – Cyber Liability Insurance

Cyber Liability Market Update

Cyber Liability premiums remain stable as newer market entrants establish themselves and diversify market share, maintaining favourable conditions for buyers. The cover offered by cyber policies has expanded, with some insurers broadening their service offering to include network monitoring as part of the policy coverage.

Proposed reforms to the Privacy Act 1988 (Cth) together with greater enforcement powers to the OAIC will see more regulatory action brought against more organisations, not only those in the public eye.

The majority of cyber claims (by frequency) trigger the ‘first-party’ section of a traditional cyber policy. Following the proposed reforms, it is expected that the regulator and affected third parties will be more inclined to lodge complaints and bring claims for compensation arising out of identity theft and breaches of privacy/data.

Insurers will look more favourably upon those businesses that proactively demonstrate cyber risk resilience. To reiterate which measures should be considered, we refer to the ‘Essential Eight’. The Essential Eight steps to prevent and mitigate cyber security incidents are a good starting point and have been formulated by the Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC). They are as follows:

  1. Creating, implementing and managing a whitelist of approved applications.
  2. Implementing a process to regularly update and patch systems, software and applications.
  3. Disabling macros in Microsoft Office applications unless specifically required. Training employees not to enable macros in unsolicited email attachments or documents.
  4. User application hardening by ensuring web browsers are configured securely to block malicious content. Only using necessary browser extensions and keeping them updated.
  5. Restricting administrative privileges to those who need them.
  6. Setting up automatic updates for patching operating systems.
  7. Using strong, unique passwords and enabling multifactor authentication.
  8. Conducting daily backups of critical data and isolating backups from your network.

Other key measures which should be taken include:

  • Regular risk assessments
  • Utilising an endpoint detection and response (EDR) solution deployed across all endpoints
  • Creating a well-defined incident response plan
  • Cyber awareness training/simulated phishing attacks for employees.
Continue reading our full range of market updates here:

July 2024 Market Update Overview

For more in depth market updates by product class, profession and industry, please see our individual reports below:

Property

Commercial Liability

Workplace Risk

Motor

Contractors Plant & Equipment

Executive & Professional Risk

Construction Professionals PI

Transaction (M&A) and Contingent Risks

Construction

Strata

Claims

Stay informed with the latest risk trends and market updates delivered direct to your inbox each month.


Browse by category

Risk Trending

Risk Trending

Recent articles by our Team reporting on the latest trends, legislation and key events impacting insurance.

Market Updates

Market Updates

Bellrock's biannual reports on the state of the insurance market subject to risk area, insurance product and industry sector.

Product Fundamentals

Product Fundamentals

Simple guides to a range of insurance products, outlining coverage, benefits, common exclusions, and claims examples.

News & Events

News & Events

Upcoming events for clients and industry partners. Plus Important developments across our organisation