Skip to main content

Cyber insurance assists with the financial costs associated with a cyber event.

Cyber risks

Managing cyber risks is key for businesses hoping to succeed in a modern, digital world. In the first quarter of 2021 alone, direct financial losses from cyber incidents reported to CERT were $3 million.

We recommend businesses follow CERT's 11 cyber security tips to help reduce your cyber risks:

  1. Install software updates. Keeping your devices and software up-to-date is one of the most effective things you can do to keep your system safe.
  2. Implement two-factor authentication (2FA) to protect both your systems and your customers accounts.
  3. Backup your data, so if your data is compromised in any way you have a backup, or a copy, available so you can restore it.
  4. Set up logs to detect unusual activity and verify any strange business requests you get by phone if you’re unsure of them.
  5. Create a plan for when things go wrong. If something goes wrong, you know what steps to take to keep your business running.
  6. Update your default credentials that provide administrator-level access to a product, such as your website or new hardware or software you use.
  7. Choose the right cloud services for your business, ensuring that the product or provider you choose can provide the services and protection you need.
  8. Only collect the data you really need from your customers helps to reduce your risk level and how valuable you are to an attacker.
  9. Secure your devices with anti-malware software on any device that accesses your business data or systems.
  10. Secure your network, with the right firewalls in place to help control where connections go, and limit access to the internet facing parts of your network only to those who need it.
  11. Manually check financial details before approving transactions. If you receive an unexpected request via email call the person or company you’re dealing with to reduce getting caught up in online fraud or invoice scams.

You can find out more about protecting your business, with an online guide to implement the above steps, on CERT's website.

Visit CERT's business security page

In addition to the proactive steps, you can take cyber insurance covers you for cyber-attacks and helps your business get back on its feet faster. With $16.9 million in direct financial losses from cyber-attacks in 2020, it makes sense to protect yourself. Ask your insurer or broker for advice on what cover you may need.

Report a cyber incident

You can report confirmed or suspected cyber incidents to CERT at

Cover for cyber events

Cyber insurance can cover first and third-party losses. First party losses are losses suffered by the insured. Third party losses are losses suffered by a third party because of the actions of the insured, and for which the insured is (or may become) legally liable to compensate the third party for.

Some insurance policies also provide enhanced benefits such as a retained response team of IT, legal and public relations professionals, who are on standby to respond to an event as soon as it happens.

Not all cyber insurance is the same. The scope of cover offered by each insurer will be outlined in full in their policy wording. As with any type of insurance, we strongly recommend you read and understand the policy wording before buying. If you have questions about the cover offered, you can seek advice from your broker or an independent legal adviser.