The Office of the Australian Information Commissioner (OAIC) has released its first quarterly report into notifiable data breaches, which shows 63 reported breaches since the scheme began on 22 February 2018.
That means in only its first 38 days, the scheme is averaging more than two notifications every business day.
Gerry Power, National Head of Sales for cyber insurance specialist underwriting agency Emergence, says the statistics are “frightening”.
OAIC’s figures show health service providers made the most notifications, at 15; followed by legal, accounting and management services, 10; finance, including superannuation, eight; education, six; and charities, four.
The figures are consistent with Emergence claims data that show the accounting industry is a major target for cyber theft.
Human error was responsible for 32 of the notifiable data breaches (NDB) reported; malicious or criminal attacks, 28; and two were system errors.
Gerry said the high rate of NDBs in only 38 days of the scheme’s operation highlighted the need for cyber insurance.
Emergence’s cyber policy gives insureds 24/7 access to an incident response team of experts who understand the importance of immediately mitigating potential threats to insureds’ businesses.
The Emergence solution also manages reporting data breaches to OAIC, any subsequent regulatory investigations, and costs associated with communicating data breaches to affected individuals.
A cyber insurance policy is part of every successful business’s risk management framework. Cyber insurance is not the first line of defence; it is designed to protect a business when its IT security, policies and procedures fail to stop an attack.
Emergence is a pioneer of cyber cover in Australia and provides protection for SMEs through to ASX-listed entities. It is a cyber specialist, focusing all its efforts on risk management and fine tuning its policy to provide top-level protection.
Gerry warned the NDB scheme meant companies could not keep silent on data breaches and hope for the best because notification to OAIC was now mandatory. Your clients need to understand the risks and they need protection.
Emergence’s Cyber Event Protection package gives your clients financial support and incident response expertise to recover from adverse events, including ransomware attacks, point-of-sale intrusions, denial-of-service attacks and cyber espionage.
Published by Emergence Insurance Pty Ltd