Skip to main content

Cyber insurance assists with the financial costs associated with a cyber event.

Cyber risks

Managing cyber risks is key for businesses hoping to succeed in a modern, digital world. In the first quarter of 2021 alone, direct financial losses from cyber incidents reported to CERT were $3 million.

We recommend businesses do 8 things to help reduce their cyber risks:

  1. Make sure all employees regularly update their passwords and don’t write them down anywhere or use passwords they’ve used for other services. Where you have default passwords in use for admin tools, these should be changed. If you can, enable two-factor authentication on website or system logins.
  2. Buy and install good quality anti-virus and anti-malware software – don’t just rely on what comes default with your system. Make sure you protect tablets, cellphones and any other devices you can that connect to the internet.
  3. Change your office WiFi password regularly and don’t leave printed copies of it lying around. Access to your WiFi could open up access to your files and systems if someone dishonest got in.
  4. Don’t connect company devices to open or free WiFi networks or install and use unauthenticated apps. These networks allow anyone connected to them to see other connected devices and could make your device a target for hackers.
  5. Make sure employees only download apps from the Google Play or Apple stores if they’re conducting any work on their devices. Unauthenticated apps could contain security vulnerabilities.
  6. Keep your software up to date. Vulnerabilities in unpatched software make for easy entry for hackers.
  7. Set up logs to detect unusual activity and verify any strange business requests you get by phone if you’re unsure of them.
  8. Get cyber insurance – cyber insurance covers you for cyber attacks and helps your business get back on its feet faster. With $16.9 million in direct financial losses from cyber attacks in 2020, it makes sense to protect yourself. Check below to find an insurer that provides standalone cyber cover in New Zealand.

You can find out more about protecting your business on CERT's website.

Visit CERT's business security page

Report a cyber incident

You can report confirmed or suspected cyber incidents to CERT at

Cover for cyber events

Cyber insurance can cover first and third party losses. First party losses are losses suffered by the insured. Third party losses are losses suffered by a third party because of the actions of the insured, and for which the insured is (or may become) legally liable to compensate the third party for.

Some insurance policies also provide enhanced benefits such as a retained response team of IT, legal and public relations professionals, who are on standby to respond to an event as soon as it happens.

Not all cyber insurance is the same. The scope of cover offered by each insurer will be outlined in full in their policy wording. As with any type of insurance, we strongly recommend you read and understand the policy wording before buying. If you have questions about the cover offered, you can seek advice from your broker or an independent legal adviser.

Find an insurer

The following ICNZ members currently offer standalone cyber insurance policies:

Learn more