iTnews
  • Home
  • News
  • Business
  • Strategy

Cyber attacks won’t be covered by the Terrorism Insurance Act - yet

By Matt Johnston on Jun 20, 2019 12:20PM
Cyber attacks won’t be covered by the Terrorism Insurance Act - yet

Scope for protection under $13.4bn scheme.

A recent review of the Terrorism Insurance Act by the National Audit Office has opted to leave protection for cyber incidents off the table - for now.

The Act was established in 2003 after the September 11 terrorist attacks to address market failure in terrorism insurance coverage, as an interim reinsurance measure while the appropriate cover was unavailable on the private market.

Managed by Treasury’s Australian Reinsurance Pool Corporation (ARPC), the $13.4 billion fund covers losses involving commercial property, business interruption losses and public liability, with insurers paying premiums to the ARPC for the coverage.

Importantly, the scheme does not provide coverage for cyber terrorism incidents, despite mounting concern in both the public and private sectors of the dangers of targeted attacks.

Other notable exclusions from the scheme include nuclear attacks, acts of war, radiological damage and property owned by state or federal governments.

The latest review of the scheme by the Australian National Audit Office (ANAO), which happens every three years, did take into account the increased incidence of malicious digital activity.

It noted that while the issue an emerging one requiring attention, “there is yet to be a clear and evident market failure in relation to physical property damage from cyber terrorism requiring government intervention through the Act at this time”.

One thing complicating the issue is that cyber attacks are increasingly state-sponsored, or often for espionage purposes rather than causing outright damage.

Recent examples include the ANU, Marriott and the federal parliament data breaches, all of which China is suspected to have played a role in.

Even if the attacks had done more than steal data, the scheme may be hamstrung in the case of state-sponsored attacks due to the fact it doesn’t cover acts of war.

However, the ARPC is continuing to explore the issue ahead of the next review, engaging the OECD Directorate for Financial and Enterprise Affairs, along with the Cambridge Centre for Risk Studies, to undertake a 12-month study into the nature and cost of physical damage to commercial property (which includes interruption to business) caused by acts of cyber terrorism.

“The study will identify and explore current and prospective threats, likely scenarios as well as the practicalities of extending insurance coverage to include cyber terrorism in Australia,” the ANAO said.

The final report is expected by the end of this year, and will be shared with Treasury to inform the 2021 review of the terrorism reinsurance scheme, including whether there’s enough evidence to include provisions for cyber terrorist attacks.

Already, the Criminal Intelligence Commission estimates the direct costs of cyber attacks to directly cost the Australian economy at least $1 billion a year.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
anaocyberinsurancesecuritystrategyterrorismterrorism insurance acttreasury

Partner Content

The Great Resignation has intensified insider security threats
Promoted Content The Great Resignation has intensified insider security threats
Why rethinking your CMS is crucial for customer retention
Promoted Content Why rethinking your CMS is crucial for customer retention
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • Micro Focus Information Management & Governance (IM&G) Forum 2022
  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
  • Forrester Technology & Innovation Asia Pacific 2022
By Matt Johnston
Jun 20 2019
12:20PM
0 Comments

Related Articles

  • NSW Treasury, Department of Customer Service to merge cyber security teams
  • Audits alone won't solve govt cyber woes: ANAO
  • Treasury revisits cyber terrorism insurance cover
  • WA gov expands Microsoft enterprise agreement
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Qantas calls time on IBM, Fujitsu in tech modernisation

Qantas calls time on IBM, Fujitsu in tech modernisation

Service NSW hits digital services goal two years early

Service NSW hits digital services goal two years early

NBN Co taking orders for 'non-premises' connections

NBN Co taking orders for 'non-premises' connections

Australian scientists build world's first quantum computer IC

Australian scientists build world's first quantum computer IC

Digital Nation

IBM global chief data officer on the rise of the number crunchers
IBM global chief data officer on the rise of the number crunchers
Crypto experts optimistic about future of Bitcoin: Block
Crypto experts optimistic about future of Bitcoin: Block
The security threat of quantum computing
The security threat of quantum computing
COVER STORY: Operationalising net zero through the power of IoT
COVER STORY: Operationalising net zero through the power of IoT
Integrity, ethics and board decisions in the digital age
Integrity, ethics and board decisions in the digital age
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.