FBAA urges brokers to secure cyber insurance

The association has flagged that cyber attacks can affect all businesses, not just larger national companies and that brokers should ensure they have insurance in place to cover the costs of any attacks.

FBAA managing director Peter White AM said that brokers should protect their data using specialist cyber security insurance – and not rely on their professional indemnity (PI) insurance for data protection – as some PI insurance does not cover attacks.

White commented: “We are advising our members that their PI insurance won’t be enough if they are the victim of a ransomware or other cyber attack, and I think this is a message that should be sent to the wider broking community.”

Darren Loades, the spokesperson for PI insurance provider Insurance Advisernet, said that while some PI policies will cover the “remedial notification expenses costs” following a cyber security event, it would not “provide cover for the main risk exposures like loss of data, ransom demands, and business interruption”.

The Australian Signals Directorate, a federal intelligence agency, revealed in its Cyber Threat Report 2022–23 that almost 94,000 reports had been made to law enforcement. The average cost of cyber crime had increased by 14 per cent to $46,000 for small businesses and $97,200 for medium businesses, it found.

Loades said: “Any size brokerage is at risk and we have seen even small businesses get attacked which can potentially ruin a business.”

White commented that it was “common sense” to take precautions to prevent a cyber security attack and that, although cyber specialists may intervene to deal with security issues, they are costly.

He said: “These specialists cost a small fortune so this is why we are urging brokers to get specialty cyber insurance cover.”

White said that brokers would be “foolish” to employ a “it won’t happen to me” mentality as cyber risks continue to increase.

Cyber security risks rising across the industry

National Australia Bank (NAB) echoed similar sentiments to the FBAA recently, stating that brokers needed to be able to “recognise the red flags and protect themselves and their customers” after the major bank’s customers reported an average of 1,500 scams monthly in 2023.

The warnings came as attacks and scam activity ramp up in the financial services space. The Australian Securities and Investments Commission (ASIC) revealed in March that it had taken down nearly 3,500 investment scam websites after ASIC was granted website takedown capabilities in June 2023.

Financial services provider KPMG also recently found that managing cyber risks was the top challenge for business lenders in 2024 due to the pandemic driving consumers to digital platforms.

Aggregator Connective called on brokers in December 2023 to adapt to privacy reforms and that brokers should be cautious to not provide lenders with a client’s sensitive information when conducting valuations.

[Related: ASIC takes down thousands of scam websites]