Prep key to cyber recovery

The growing frequency and sophistication of cyber attacks means businesses must rely more on outside experts if they are going to stand a chance of recovery, say two leading experts.

Zurich National Underwriting Manager Corporate Institutions Kym Beazleigh and Minter Ellison Partner Cam Oxley held a packed-out masterclass addressing cyber security, privacy and liability on the first day of the NIBA Convention.

Taking delegates through Australia’s current cyber security climate, Beazleigh says the severity, frequency and perception of cyber incidents are on the increase.

“In the past three years, we have seen an increase in the number of Australian businesses experiencing some form of cybercrime, up from 47% in 2012 to 57% in 2014,” Beazleigh says.

“Around 36% of the same organisations have experienced a loss exceeding $1 million in the past 24 months. Over 57% of Australian organisations perceive that cyber crime risk has increased.”

“We can’t avoid the fact that this is happening here [in Australia],” Beazleigh adds.

Following Beazleigh’s introduction, Oxley presented an in-depth case study of an Australian business ruined by the effects of a major cyber attack.

The case study featured Oxley’s client, a Melbourne-based web service provider established in 2002. Over nine years, the company had built their business up to 200,000 domain names and were worth tens of millions of dollars.

In 2011, a security breach was detected. The company went about shutting down their entire network and rebuilding their servers to ensure complete recovery. Following their efforts, a second breach occurred, beginning a trail of events that led to the demise of the entire business.

“There was another breach, but this one was very different,” Oxley explains.

“A week earlier, the hacker had done no damage, made no demands. This time the hacker gained access and started systematically destroying their servers by introducing malware.”

The business was served with a breach notice by the registry and were forced to give up their domain names, thereby losing the entire business. After paying their recovery debts, there was nothing left.
Following the incident, which took a matter of weeks to unfold, the owners were left with some hard-earned insights regarding the severity of security and privacy breaches, and the flaws in thinking that lead to cyber vulnerability, namely:

  • Cyber security is no longer solely an I.T. issue. It is often integral to the survival strategy of a business and deserves due diligence.
  • Seeking outside advice regarding a business’s security measures is crucial to picking up on minor, unforeseen weaknesses.
  • Being prepared for a cyber security breach is crucial to potential recovery efforts.
  • Ensuring your company has more than one or two people who understand cyber security is important, as recovery often requires group decision making.
  • Clients should always be put first; their information is the livelihood of a business and should always be considered the most important asset.

Oxley says that to have recovered from the attack, his client would have needed to be very well-prepared for the worst.

“The only chance to save this business was to have received some outside help in that first week. If they had had some assistance then from people who were experienced in negotiating with regulators, perhaps more time could have produced a better outcome,” Oxley says.

“Where a policy would have given them assistance? Their business licence would have been covered, their assistance dealing with the media, although ultimately their brand was lost, had the business survived their brand would have taken some serious hits.”