This article was created in partnership with QBE.
Cyber risks are no longer just an IT issue – they’re a business risk. QBE is working with brokers and customers to help navigate these rapidly evolving threats.
Advancements in technology, most notably AI are becoming a double-edged sword for organisations. On the one hand, evolutions are reshaping how people work, acting as a catalyst for innovation and company-wide change. However, on the other hand, cyber criminals are also leveraging AI and other tools to rapidly escalate their capabilities.
According to research from the Australian Cyber Security Centre (ACSC), 164 cybercrime reports are made by Australians every day – that equates to one report every 10 minutes. What’s more, data from UpGuard found that the average cost of one of these breaches to Australian companies is around $3.35 million – marking an increase of 9.8% year-on-year.
Speaking to IB, Dominic Keller, global head of cyber services at QBE Insurance, said that they’re taking a proactive approach in helping organisations manage these emerging cyber risks.
“Cyber risks are evolving rapidly, not just in Australia, but globally. Recognising the need for greater support, QBE has invested heavily in a number of proactive services that assist brokers and customers in understanding key cyber risks and the impact they can have on their organisation.”
He also highlighted that cyber risk is a truly global threat, with internationally based ransomware actors just as likely to target Australian organisations. As such, it’s essential to approach organisational cyber risk from a global perspective.
“Cyber risk is not confined by geography. That’s why our product and the insights we provide are shaped by our global expertise,” said Keller. “Alongside globally consistent insurance solutions, QBE is committed to making sure our clients have access to information, advice and proactive services that help them prepare for cyber incidents, understand evolving threats, and ultimately strengthen their organisational resilience.”
Keller described QBE’s comprehensive approach across the insurance lifecycle, supporting leaders to prepare for, respond to, and recover from cyber risks in ways that protect their overall business objectives. “This is not an IT issue alone,” he added. “It’s a broader question of business resilience and risk management.”
This support is further strengthened by QBE’s threat intelligence specialists, who monitor cyber risks and provide advice to both underwriters and policyholders. On top of that, QBE delivers tabletop exercises (simulated cyber events), sample incident response plans and incident management documents, and preferred vendor relationships that can assist organisations and offer cost-effective ways of managing diverse cyber threats.
“We've worked on making it as straightforward as possible for clients to proactively connect with the right experts for their specific risks,” explained Keller. “Because when cyber incidents happen, they arise quickly, unexpectedly and impact an organisation in diverse ways. An organisation can go from full operations to having no systems operating – and their business is at a standstill – in a matter of minutes.”
It's a stark reality that many organisations have already lived through. October 2024 research from Cloudflare found that 41% of respondents across Asia Pacific said their organisation experienced a data breach in the past 12 months. When an attack occurs, access to experts and advice is essential - something Keller knows all too well.
“When supporting organisations during a cyber incident, the first important factor is making sure that experts are available to respond,” said Keller.
This includes access to cybersecurity experts, legal advisors, and incident responders, which can make a significant difference in recovery time and cost. However, when systems go down and operations halt, another concern is business continuity.
Business interruption is proving to be one of the most vital components of a robust cyber insurance policy. While many organisations think of cyber insurance purely in terms of breach response, the financial impact of operational downtime is often far greater - and far more disruptive.
“Business interruption is a coverage that is available under QBE’s cyber insurance policy, and it’s very important,” added Keller. “We see many situations where organisations are unable to use their key information systems or IT systems during a cyber incident, which can result in significant financial losses. Business interruption can provide coverage for this.”
“It can also provide cover for extra expenses incurred during a cyber incident. An example of this might be covering the cost of wages for additional security staff if security camera systems are impacted.”
To further help businesses reduce the impact of downtime, Keller said that QBE is offering increasingly comprehensive solutions to cater to unique business needs, globally.
Disclaimer: This content is brought to you by QBE as a convenience to readers and is not intended to constitute advice (professional or otherwise) or recommendations upon which a reader may rely. QBE makes no warranty or guarantee about the accuracy, completeness, or adequacy of the content.
Products issued and underwritten by QBE Insurance (Australia) Limited (ABN 78 003 191 035, AFSL 239545) (QBE). To decide if a product is right for you, please read the relevant PDS and TMD or Policy Wording, available at www.qbe.com/au.
