Key lessons from cyber incidents

Published: 01 December 2025

Read time: 2 minutes

Cyber insurance isn’t just a policy, it’s a tool to help clients strengthen security and manage risk. 


Small, strategic actions, like refining incident response plans, improving email security, or implementing centralised logging, can make a real difference.

Be proactive, not reactive!

To support clients in their cyber risk journey, we’ve partnered with KYND to offer 24/7 domain monitoring and alerts. This includes tailored guidance to improve response plans and strengthen security controls - demonstrating to insurers that your clients are serious about managing cyber risk.

New legislation raises the bar

With the Australian Cyber Security Act 2024 now in effect, and under the Privacy Act, businesses face heightened expectations for cyber risk management. The Act focuses on the following:

  • Mandatory ransomware reporting to the Australian Signals Directorate (ASD) within 72 hours of payment.
  • Staff training on cyber threats and social engineering risks
  • Maintaining an incident response plan
  • Logging and detection readiness

Explore how KYND monitoring and cyber insurance can help your clients manage risks more effectively. Get a quote.


Learn from real-world claims examples

Explore our latest cyber claims scenarios and discover the key lessons they reveal. 
 


Retailing/wholesaling

Business email compromise/cyber fraud

 

Staff: 22

Turnover: $12,000,000

Payment: $195,000

 

Background

The Insured is an automotive company that offers vehicle sales and parts. After processing a payment through their bank, the Insured received a call from Threat Actors purporting to be their bank. The Threat Actors were able to confirm the details of the recent transaction and then flagged a suspicious transaction, which didn’t exist, as having been made after the approved transaction. The Threat Actors obtained the security token from the Insured over the phone as a purported verification step and were able to process fraudulent transactions totalling over $250,000.

 

Outcome

The Insured sought cover under the policy for the loss of funds and the expenses to investigate the incident. Forensic investigation identified that an email account had been breached along with the Insured’s bank account, and that there was no MFA on these accounts. Threat Actors were able to monitor transactions and process their own after obtaining the security token. The bank managed to recover around $90,000. The sub-limit for cyber fraud was $100,000, digital forensics costs were $60,000 and legal fees were $35,000.


Transport and logistics

Social engineering fraud

 

Staff: 2

Turnover: $2,500,000

Payment: $85,000

 

Background

The Insured received a payment request from an overseas supplier and emailed the supplier to confirm the account details. The supplier flagged that their bank account was being audited and funds needed to go to a different account, sending a new payment request. Payment was processed using the updated account details, which had been supplied by Threat Actors, and funds were paid to the fraudulent account. After 3 weeks the supplier followed up on the outstanding payment and it was identified that the fraud had occurred.

 

Outcome

The Insured’s bank was unable to recover any of the funds and the overseas supplier confirmed that their email account had been compromised. Insurers indemnified the losses of the Insured totalling $85,000. No forensic or legal work was required as the breach was not on the Insured’s systems.


Medical services

Ransomware/extortion

 

Staff: 66

Turnover: $30,000,000

Payment: $250,000

 

Background

The Insured was hit with a ransomware attack which impacted one of their servers, including their onsite backups. Fortunately, there was no breach of the client or guest systems which contained the medical data. The Insured also had off-site backup services, which had a viable backup from 12 hours before the compromise.

 

Outcome

The Insured continued to use their IT service provider along with a couple of vendors from our panel to assist with the legal investigation and further digital forensic work. This included liaising with clients, customers and government bodies. A data review was required along with substantial remediation work on the systems. Total legal fees incurred were $125,000 and IT and forensic work was $100,000.

 

For more information on our Cyber offering, please contact your local DUAL underwriter.

 
 
The examples provided are for illustrative purposes only and do not guarantee coverage. Actual claims are assessed individually and subject to the terms and conditions of the relevant policy.

Any product information discussed in this blog is subject to the terms and conditions of the policy, eligibility criteria, any additional premium for optional cover, limitations and exclusions.

Copyright © 2025 DUAL Australia Pty Ltd (ABN 16 107 553 257, AFSL 280193). All rights reserved.   

The information contained in this blog is intended for licensed insurance brokers and other authorised intermediaries only. DUAL issues insurances on behalf of Certain Underwriters at Lloyd’s of London and/or Allianz Australia Insurance Limited, acting as their agent. The information is of a general nature and does not take into account the objectives, financial situation or needs of any person.  It is intended for the use of professional intermediaries who are expected to consider whether it is appropriate for their clients. Before recommending or offering any insurance product, intermediaries should read the policy wording, relevant Product Disclosure Statement (PDS) and Target Market Determination (TMD) and assess whether the product is suitable for their client’s circumstances. These are available on request or via our website at DUAL Australia.