Around the world, Australia is recognised for its excellence in education and training. Contributing over $32 billion to our economy, this critical industry represents Australia’s third largest export. Unfortunately however, this sector is one of the most vulnerable to cyber threats, due to a high dependency on digital infrastructures and web-based learning. In 2017, the education sector alone accounted for 26% of cyber-attacks in Australia, and 57% of cybercrime across the Asia-Pacific region.
The Impacts: How it Hurts
At present, the Government estimates that cyber incidents involving Australian businesses cost up to $29 billion a year. The financial implications of cybercrime are overwhelming, but they extend beyond the balance sheet. Significant damage to an organisation’s reputation is also common, as demonstrated in the recent attacks on The Australian Catholic University, Australian National University and Toll Group.
The vast number of digital libraries storing sensitive personal data also makes the education sector highly attractive to cyber criminals. Personally Identifiable Information (PII), such as student records, make cyber breaches particularly damaging. Furthermore, high-risk technology systems, hardware and infrastructures such as laptops, tablets, interactive whiteboards, mobile phones and video conferencing are commonplace in the education industry. Designed and utilised by multiple parties across the sector, e-learning platforms also house data relating to students, teachers, curriculums and learning outcomes, all of which may be at risk.
How Hackers Work
Hackers are becoming increasingly sophisticated in their approach to hacking anti-virus/anti-ransomware software. Readily available through the dark web, hackers now use scanning tools to identify particularly vulnerable organisations, and to further isolate the weak points in their systems and networks.
Once a hacker gains access to a device, systems like malware and ransomware can be used to extract confidential information or shut down computer systems/networks, demanding a ransom in return for access.
Cyber Insurance: Protection Through Policy
Cyber Insurance can represent a low-cost way to help protect your business from the risks of cybercrime. Given most organisations are not able to resolve cyber attacks in-house, a robust Cyber Insurance Policy will include an Incident Response Team (IRT). Equipped to respond immediately, the client’s IRT can:
- minimise further loss to the business (e.g. financial, reputational)
- regain critical system access ASAP with a view to protecting systems and data
- limit business downtime, minimising income loss as a result.
Cybercrime Case Study: How Honan Helped Honan recently supported a client (Sydney-based driver training school) through a cybercrime event.
The cybercrime (insurable event)A ransomware attack causing the booking and payment processing system to be down for five days, resulting in a $25,000 loss in revenue, plus IT vendor fees.
The resolutionHaving a Cyber Security Insurance Policy in place with Honan meant the total costs incurred by the client were covered by their insurance premium. Beyond potential financial loss, the IRT provided valuable insights into the type of attack and the resulting damage. The IRT conducted analysis of the client's systems to limit the risk of further attacks.
Honan - we’re with you all the way
For more information on how to protect your business from cyber threats and other emerging exposures, please contact us at any time:
Chris Prowse Senior Client Executive ‑ Corporate Insurance & Risk Solutions
0491 696 380