National cyber strategy 'a significant step forward': Honan

Report proposes 'self-funding' insurance model for export industries

The government’s new national cyber office and 2023-2030 Australian Cyber Security Strategy represent “a significant step forward in Australia’s cyber resilience,” Honan says.

A discussion paper seeking feedback on the strategy has been released after Prime Minister Anthony Albanese led a roundtable of experts focused on making Australia “the most cyber secure nation”. A dedicated coordinator is to be established within the Department of Home Affairs to ensure a central approach to the government’s cyber security responsibilities.

Honan Placement Manager – Professional & Executive Risks Ben Robinson says the news highlights that companies must take their cyber security obligations seriously, and changes to security laws could have implications for Australian businesses.

“While they are not expected to know the technical ins and outs of their systems, Directors and Officers must know how to govern privacy and cyber-security risks,” Mr Robinson said.

That includes understanding cyber-attack types and those likely to be directed at their company, identifying internal operations that increase risk, and understanding the financial penalties, reputational harm, lost revenue and so on caused by failing to address compliance risks.

Managers should uphold strong privacy standards and implement the Australian Cyber Security Centre’s “Essential Eight” model to minimise cyber threats, he says.

‍Honan says insurance carriers and cyber underwriting practices will continue to evolve from a traditionally narrow focus on risk factors such as revenue, number of employees, record count, and industry class, to a “wider underwriting lens” encompassing loss modelling tools and continual system scanning.

This year, Honan expects cyber insurance rates to stabilise, with “best-in-class risks rewarded with more market interest”.

See also  Does Cancelling insurance hurt credit?

An Expert Advisory Board comprises Chair Andrew Penn, former Air Force chief Mel Hupfeld and CEO of the Cyber Security Cooperative Research Centre Rachael Falk.

The government is seeking feedback until mid-April on its discussion paper, which poses questions such as “What impact would a strict prohibition of payment of ransoms and extortion demands by cyber criminals have on victims of cybercrime, companies and insurers?” The 26-page discussion paper can be accessed here.

See Honan’s latest Cyber Liability Capability Statement here.