Many organisations in Australia still misunderstand the impact of poor cybersecurity practices on their business, despite growing cyber risks and a record-breaking number of data breaches in the country, according to a major broker.
“Cyber risk and security is about so much more than keeping personal data secure,” said Robyn Adcock, cyber technology practice leader at Gallagher. “A cyber breach has a whole host of different consequences that could come into play that many businesses don’t realise. The reputation of a business can be irreparably damaged, operations may have to stop for a prolonged period of time, or the company and its directors could face legal action.”
The statement comes after EY said in a City A.M. report that poor cybersecurity practices may drag down the value of a business in a potential merger or acquisition.
“There are a number of areas where cybersecurity really plays a significant part, both in terms of the ongoing value of an organisation and at any point where there is M&A activity,” said Faizul Ali, EY’s lead partner for cybersecurity for transaction advisory services in the UK and Ireland.
In 2016, internet giant Yahoo saw its own value tumble in a deal will Verizon following a major cyber attack, which saw some 200 million Yahoo account names and passwords offered for sale on the dark web. From the original US$4.82 billion deal, the offer for Verizon to take control of Yahoo went down by US$350m to US$4.48bn after the breach.
Adcock said cyber insurance is designed to help organisations meet a variety of challenges that emerge as a result of a data breach.
“Cyber insurance can cover you a variety of threats linked to a data breach,” Adcock said. “Many cyber insurance policies also include a suite of expert first responders who can help reduce the damage from a data, reputation and legal perspective.”