Australian businesses are getting smarter about managing cyber risks.
Two moves – learning more about ransomware and improving their defences against cyberattacks – are paying off, according to a recent industry survey by consultancy CyberCX. It found ransom payments dropped 50% in 2023, according to The Australian Financial Review.
But, there’s more to do.
Active cyber insurance: A game changer
If your SME has cyber insurance (about 20% do), remember, it’s a not set-and-forget solution. But it does play an important role in your cybersecurity arsenal. Insurers are constantly improving policies to address evolving threats.
This year, a new option is gaining traction: active cyber insurance. This policy goes beyond recovery and focuses on preventing cyber incidents. They help SMEs identify weaknesses, improve defences, and offer tools to detect threats and respond effectively if attacked.
Meanwhile, traditional cyber insurance focuses on financial recovery after an attack.
OT/IT overlap
In the past, operational systems (OT) were isolated from the internet, making them less vulnerable than information technology (IT) networks.
However, advancements, such as artificial intelligence powered automation, mean OT equipment is now online, too. This creates overlapping risks between OT and IT.
Missing cybersecurity talent
Along with the rest of the globe, Australia is suffering from a cybersecurity skills shortage. We saw a high turnover of talent during the pandemic as hybrid or remote work made team cohesion tricky.
Since then, cyber security experts have become increasingly burnt out and fatigued, reports IT News. And, Australia will be 30,000 cyber security professionals short in the next four years, says TechRepublic.
Since then, businesses with unfilled cyber security vacancies are looking to upskill the staff they currently have to deal with the shortfall. Even the government is trying to nurture the next generation with a promising Virtual Work Experience program for 14-to-25 year olds with a disability to get a taste of ICT work.
Underwriters predict higher risk
Ensuring a talent pipeline is key, particularly with the range and depth of risks increasing. A global survey of insurers predicts a significant rise in cyber risks this year, finding:
- Cyber risks will rise significantly this year
- Ransomware is likely to become the top threat
- Insurance premises will go up slightly
- Not much will change on businesses who prefer to self-insure, and
- Most respondents thought cyber policy coverages will roughly remain the same.
So, time to get even more serious about cyber risk protection. If cyber isn’t part of your insurance, it should be.