The Insurance Council of Australia (ICA) has argued that Australian businesses, insurers and government must work together to establish the settings for a sustainable cyber insurance market to underpin economic growth into the future.
In a new report, the ICA highlights challenges to maintaining and developing a cyber insurance market to support Australian individuals, businesses and organisations operating in the digital economy following the COVID-19 pandemic.
The Association acknowledged that in Australia standalone cyber insurance is not, as yet, a well-known or understood insurance product.
The small pool size for transferring risk, alongside increasing loss ratios and reducing risk appetite, is thus affecting the availability of cyber coverage for some Australian businesses.
In response to this situation, the ICA has called for an overhaul of the government’s policy settings, including better data sharing between public and private bodies to help detect and report cyber-attacks.
Minimum security requirements and third-party certifications for software and hardware should also be made mandatory to reduce the vulnerability of cyber-attacks, the ICA says, as well as investment incentives for education around cyber risk.
The ICA has also called for the Government to develop and issue an Australian cybersecurity standard to ensure that government agencies and contractors they do business with evaluate their cyber maturity according to uniform standards.
“Right now, cyber insurance awareness is low within the Australian business community – only about 20 per cent of small businesses have cyber cover,” said ICA CEO Andrew Hall
“However, the digital evolution of both the economy and society since the COVID-19 pandemic has resulted in increasing awareness of cyber risks. As a result of this, in recent years, the number of organisations taking up cyber insurance in Australia has increased rapidly,” Hall continued.
“Right now, there is a small number of insurance providers. The combination of a small premium pool and the increasing sophistication and maliciousness of some cyber-attacks have put significant pressure on insurers and businesses alike.”
“This policy paper is the first step in getting the settings right for managing cyber risk in Australia and will give the industry greater confidence in participating in the market and providing cover.”
