Insurers bank on data breach laws

By on
Insurers bank on data breach laws

Mandatory notification could bolster demand.

Insurance providers have forecast a growing demand for cyber insurance products in Australia as the government moves to crack down on data breaches.

To date, cyber insurance products – covering breaches of privacy law, data loss and DDoS attacks – have attracted more than $500 million a year in premiums worldwide.

But 95 percent of the cyber insurance market is US-based, according to Ian Pollard, Asia Pacific vice president of insurer Chartis.

Chartis last week launched its cyber insurance product in Australia after 10 years in the US, to address growing awareness of cyber security risks and what Pollard described as a “convergence of legislation around the world”.

“Obviously, information is global; it’s on the world wide web and therefore [organisations] are exposed to international legislation,” he said.

“Boards and CEOs in Australia need to recognise that intentional or unintentional cyber breach can have serious financial, operational, legal and reputational consequences.”

Despite existing products from the likes of Chubb, Zurich and Macquarie Underwriting, Pollard said the local cyber insurance market was largely untapped.

That could change as Attorney-General Nicola Roxon moves to introduce laws forcing organisations to notify customers any time personal data falls into the wrong hands.

"Mandatory notification would definitely transform the landscape of the marketplace for cyber insurance in Australia,” Stephen Bonnington, Zurich Financial Services’ head of financial lines said.

Bonnington pointed to a 2011 Symantec report that found significant data breaches cost Australian organisations about $2 million per breach.

The Attorney-General’s Department this month indicated that organisations could face costs of more than $174 per breached record under a mandatory notification regime.

Bonnington said Zurich’s cyber insurance product had attracted “a large number of queries” from the finance and retail sectors since its introduction late last year.

"We have sold a number of these policies, but we're anticipating an exponential growth in our portfolio,” Bonnington said, citing a Zurich survey that found almost two-thirds of global businesses uninsured against cybercrime.

“Despite the low levels of insurance cover, more than half of [surveyed businesses] conceded that information security and cybercrime risks was either an ‘extremely serious’ or ‘serious’ threat to their business.

“I think we are going to see a much greater transfer from 'concern' to 'action' on this.”

Ken Goldstein, US-based vice president of Chubb Insurance, said the advent of mandatory data breach notification laws in Australia “could spark an interest” in its local product, which was introduced in April 2010.

Pollard expected Chartis’ product to appeal to the finance, education, medical, travel and retail sectors, with retailers especially keen to protect data collected for their loyalty card schemes.

Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Poll

New Windows 10 users, are you upgrading from...
Windows 8
Windows 7
Windows XP
Another operating system
Windows Vista
How should the costs of Australia's piracy scheme be split?
Rights holders should foot the whole bill
50/50
ISPs should foot the whole bill
Government should chip in a bit
Other
View poll archive

Whitepapers from our sponsors

What will the stadium of the future look like?
What will the stadium of the future look like?
New technology adoption is pushing enterprise networks to breaking point
New technology adoption is pushing enterprise networks to breaking point
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
The next era of business continuity: Are you ready for an always-on world?
The next era of business continuity: Are you ready for an always-on world?

Log In

Username:
Password:
|  Forgot your password?