Wednesday, April 19, 2023

Return to listings

Managing cyber security risks in the digital age: a guide for pharmacy owners

In today’s digitally driven world, cyber attacks are becoming more common and sophisticated. In fact, a cybercrime is reported every seven minutes on average in Australia (ACSC, 2022). Australians have lost more than $98 million to malicious cyber activity between 2021-2022, with an incident resulting in an average loss of more than $64,000. Unfortunately, no sector of the Australian economy is immune, and government, education, and healthcare have all been targeted by these malicious activities. This article takes a closer look at pharmacies, which operate in the health technology space can reduce their cyber risk exposures.

Data protection risks for pharmacies

Pharmacies have opportunities to improve their operational efficiencies through technology, but this can expose them to potential data protection risks. A noteworthy example is the 114 million ePrescriptions which have been issued in Australia since May 2022. ePrescriptions are changing the way that pharmacies operate but they also contain important personal data that can be misused if they are intercepted by hackers.

Over the last two months we have received a range of notifications from clients operating pharmacy stores, including:

  • Incidents where payroll systems were hacked, and banking details were changed
  • Hackers targeting bookkeepers with invoices from new suppliers with banking details changed
  • Staff members clicking on links within scam emails, resulting in computers being locked

Risk management essentials

The following security controls can help your business reduce the likelihood of falling victim to a


  • Implement Multifactor Authentication (MFA) for all remote access to your network and privileged user accounts. This significantly increases the security of your system, especially if you use an authentication application
  • Use email filtering software to scan and filter inbound and outbound messages for spam

and malicious content. Email attacks are a common way for hackers to target your business and employees

  • Regularly back up devices and set secure passwords
  • Regularly update computer systems

How cyber insurance can help

While risk management is key in preventing incidents. However, cyber insurance is a powerful tool to help offset the costs associated with notifying customers as well as legal liabilities that may arise from such an event.

Feel free to reach out at any time to discuss how we can help you manage your business’ risk exposures.

Giuseppe Carollo
Head of Carollo Horton

* This list is not exhaustive. More details can be found at the Australian Cyber Security Centre website.

Return to listings


Honan Insurance Group Pty Ltd is now fully owned by Marsh Pty Ltd. To find out more, speak to your broker or read the announcement