Cyber security basics for business | Step 2 Financial protection

19 September 2017

Leon Fouche , National Leader, Cyber Security |

In part one of our cyber security series last week, we highlighted the importance of protecting your business’ digital assets with technology and training in a time when cyber criminals actively target small- and medium-sized businesses. 

This week, we discuss how cyber insurance – financially protecting your digital assets - is the next step to being cyber-secure.

To help you in understanding cyber insurance and how it applies to your business, we have created two resources for you:

  • A cyber insurance readiness self-assessment – complete the quick questionnaire to receive your free readiness report
  • A new BDO Global Whitepaper – read the latest advice on the value of cyber insurance as part of organisational risk management strategy.

The whitepaper explores what businesses and company boards need to consider regarding cyber insurance, namely:

  • Understanding and evaluating the financial cyber risk to the business
  • Determining the insurable cyber risks  
  • Finding the right policy.

The critical component to financially protecting a business’ digital assets is understanding how well the assets are currently protected and deciding whether that protection is safeguard enough. 

If you decide that the financial risk to the business is still too great, then you need financial protection in the form of an insurance policy to cover the risk expense. 

Finding the right cyber insurance policy can be challenging. The policy needs to cover your risk exposure identified in your risk assessment (identified in step one), have the right policy terms for your business, and explain clearly the exclusions. 

Download the Whitepaper: Managing Risk with Cyber Insurance to read our advice on cyber insurance. 

BDO is working with Cyber Plus to deliver a suite of cyber insurance services for Australian businesses. A core part of the suite is cyber insurance health checks, cyber insurance design services and claims preparation. 

Did you know you will soon be required by law to report all breaches – not only to the regulator, but to all individuals affected? The Australian Government has amended the Privacy Act (1988) to introduce mandatory data breach notifications (and fines for non-compliance) for organisations subject to the Privacy Act. If you’re not ready for the Privacy Act changes, you’re not ready for a cyber breach!

Next week, our last in this series, we will address ‘Step 3: How to respond and recover from a cyber incident’.

Until next week’s instalment, you can find out more about our cyber security insurance services for business, or contact me