Management Liability for Not-for-Profit Organisations
Australia has about 60,000 registered not-for-profit organisations, according to the Australian Charities and Not-for-Profits Commission (ACNC).
Cyber security is a top risk management concern for Australian businesses, with eight in 10 organisations hit by ransomware. And research shows small businesses are likely to have poor security practices due to common misconceptions about the threat.
It is such a hot issue that the Federal Government appointed the first Minister for Cyber Security in a G20 country last June – Claire O’Neil has the role. The government is also investing $1.67 billion until 2030 as part of its current Cyber Security Strategy.
But small businesses will still need to do their bit in identifying and dealing with cyber risks in their quarters. Start by adopting these ‘quick wins’ for small businesses, including for your portable devices, website, end-of-support, and password manager.
Start by checking your assumptions about your insurance coverage for cyberattacks. We outline the top four myths below.
Cyber insurance covers ‘network and privacy liability’, so it’s not just about the data stored on your company computers. Cyber security policies typically cover costs associated with the following:
General liability cover relates to third-party claims for bodily injury or property damage due to your company’s negligence. It generally won’t cover a third party’s financial loss.
IT security won’t protect you from all risks of hacking or human error – the risk exposure remains. And hackers are one step ahead, even using the artificial intelligence app, ChatGPT, to write malicious code.
More galling is that last year it took an average of nine months to identify and contain a cyber breach, according to IBM. Their report found the average data breach cost for any sized Australian company from their sample was $2.92 million in 2022. This makes our nation the 11th highest of 17 countries surveyed for cyber breaches. As for small businesses, the average cost of a cyber strike is about $10,000, according to the Australian Small Business and Family Enterprise Ombudsman.
If the worst happens and a hacker gets in, or a rogue staff member lets you down, what next? Companies that don’t take proper care of customer data face increasing penalties under the Privacy Act. Find out more about this issue from Coulter Legal.
Think again. Ransomware can enter your business through funds transfer fraud, business interruption and system damage. They involve sensitive data your company might collect. Other examples include:
Research from RMIT University suggests that small business characteristics, such as agility, large cohort size, and piecemeal IT architecture, could allow for increased cyber security. The study points to small businesses forming alliances and the open-source code community helping the sector build its defences against attacks.
Part of your defence involves best-fit insurance, and we’re here to demystify the fine print about your best option. Reach out to make sure you have a comprehensive cyber insurance policy in place for your business.
It’s usually a stand-alone policy that fills the gaps in your other coverages. Cyber insurance offers breadth and depth, including access to incident response expertise, and we’ll draw on our experience to fast-track your claims
Article supplied by OneAffiniti
Photo by Pattanaphong Khuankaew on Unsplash