What could a cyberattack really cost Australian business and insurance?
Cyber risks are intangible and abstract, making it difficult for many businesses to quantify the threat they pose. However, a recent risk report from Lloyds and the University of Cambridge has presented an alarming scenario to illustrate the potential for cyber risks to cripple businesses and the insurance industry.
While this scenario illustrates a massive scale cyberattack throughout America, a recent report from Swiss Re has revealed Australia's exposure to such an event may be far more severe than once thought.
Business blackout: An illustrative scenario
A piece of advanced malware named the Erebos Trojan rapidly spreads and infects electricity generation control rooms throughout the North-Eastern United States. It remains dormant in countless systems until it's triggered by its sender.
It releases its payload – a complex series of malicious codes – and subsequently takes control of 50 generators, forcing them to overload and burn out. The overloads cause fires and explosions throughout the region, temporarily disabling the North-Eastern United States' entire electricity grid.
Some areas have power back after 24 hours, but several have no power for weeks, shutting down businesses throughout the region. Economic impacts include direct damage to assets, massive loss of productivity, loss of sales revenue and disruption of the supply chain. The total cost is estimated at between $243 billion and $1 trillion.
What's more alarming about this catastrophic hypothetical event is that Lloyds estimates the likelihood of it happening at more than 200:1 – making it an event that insurers must prepare for. This scenario clearly illustrates the wider impact a cyberthreat could have on businesses globally, however, attacks more specifically targeted at your business could be just as damaging.
Australia's six most at-risk capital cities are vulnerable to cyberattacks which could cost in excess of $80 billion.
Australia may be safer and more remote than the United States, however the threat of costly cyberattacks is still very real for businesses here. In fact, our government's national computer emergency response team responded to almost 15,000 cybersecurity incidents affecting Australian businesses between July 2015 and June 2016.
According to the Australian government's Cyber Security Centre (ACSC), 418 of these involved critical infrastructure and/or systems of national interest. These include industries such as transport, defence, banking and energy.
While there have been no cyberattacks in Australia of the magnitude described above, these numbers certainly prove that businesses around Australia are vulnerable to cyberthreats.
The ACSC also revealed that incidences with massive potential for disruption to businesses have already occurred throughout Australia. One notable example was a cyberattack on a corporate network of an Australian critical infrastructure owner and operator. The attacker gained administration access to the system using real credentials, and stole a large quantity of sensitive data.
A premium insurance offering
The insurance industry is rapidly reacting to the expanding threat of cyberattack, however there are still significant vulnerabilities Australia-wide. In fact, Lloyds data has shown that Australia's six most vulnerable capital cities (Sydney, Melbourne, Brisbane, Perth, Adelaide and Canberra) are open to cyberattacks which could cost in excess of $80 billion.
Insurance brokers have an opportunity to better understand this risk and educate their clients about their vulnerabilities. This is key to providing value as a broker, and keeping pace with an industry that's changing rapidly.
Ensure that all of your clients can afford adequate cover for threats of all shapes and sizes and offer premium funding with Attvest Finance. While safeguarding businesses against cyberthreats is necessary, so too is minimising the impact that insurance premiums have on their cash flow.
Get in touch with Attvest Finance today.