Lockton unveils cyber disruption guide amid rising threats in Australia

Lockton unveils cyber disruption guide amid rising threats in Australia

Lockton unveils cyber disruption guide amid rising threats in Australia | Insurance Business Australia

Cyber

Lockton unveils cyber disruption guide amid rising threats in Australia

Key insurance considerations outlined

Cyber

By
Roxanne Libatique

Lockton, in collaboration with risk management consultancy JS Held, has introduced a “Cyber Business Interruption Playbook” designed to assist Australian businesses in addressing risks related to cyber disruptions.

The resource provides a structured approach to managing cyber risks, covering areas such as risk evaluation, insurance coverage, incident response, and recovery planning. This is something that insurance companies and brokers could share with their clients to help them improve their cyber resilience.

Lockton recommends that businesses customise these plans to fit their unique operational structures, integrating input from key internal stakeholders to ensure effectiveness.

Incident response plans focus on identifying, analysing, and responding to cyber threats. The playbook suggests regular reviews and updates to keep plans aligned with evolving business needs and threat environments. Business continuity plans, on the other hand, focus on sustaining essential functions during a disruption, which may involve reducing operations temporarily or identifying alternate resources.

Cyber insurance and business interruption coverage

Lockton’s playbook underscored the importance of cyber insurance as a key risk management tool for Australian businesses. Cyber insurance policies typically cover financial losses related to cyber incidents, including business interruption, third-party liability, and cyber extortion.

The playbook emphasised that business interruption coverage can be one of the most critical yet misunderstood aspects of cyber insurance. This type of coverage compensates for income lost during a system outage or disruption.

See also  Swiss Re chairman to step down – will return to UBS as CEO

The guide advises companies to evaluate their potential exposure to business interruption and ensure their coverage adequately reflects their operational risks.

Key insurance considerations for Australian businesses

Australian businesses are encouraged to carefully review their cyber insurance policies, particularly provisions related to business interruption.

Lockton advises paying close attention to several factors that can impact coverage, such as the waiting period before coverage applies, the scope of covered incidents, and whether losses caused by third-party service providers are included.

The guide also highlighted the growing trend of “system failure” coverage, which covers business interruptions even when a cyber incident is not caused by an external attack.

Dependent business interruption coverage, which applies when a third-party provider experiences a disruption, is also becoming increasingly common in cyber policies.

Responding to a cyber incident

In the event of a cyber disruption, Lockton’s playbook advises businesses to activate their incident response plans and work closely with insurers. Immediate actions include:


contacting cyber insurance providers to clarify policy requirements
engaging breach counsel to handle legal obligations
coordinating with forensic experts to investigate and resolve the incident

Businesses are also urged to document all costs related to the disruption, including expenses for temporary staff and additional hours worked by employees. Accurate record-keeping will support business interruption claims and ensure that businesses receive the appropriate compensation for their losses.

Deepfake threats intensify in Australia

Lockton’s release of the cyber playbook comes amid rising concerns in Australia over deepfake technology.

According to a survey by compliance platform ISMS.online, 24% of Australian companies experienced security incidents involving deepfake technology in the past year. These attacks often involve cybercriminals using AI to mimic the voices or appearances of senior executives to carry out fraudulent transactions.

See also  While cat bond records fall, it’s not significant net-new reinsurance capital: J.P. Morgan

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!