Cyber Risk

Cyber risk

Did you know that in 2016, 56% of kiwi businesses were affected by cyber-crime? Despite that statistic and the significant associated risk, 45% of kiwi businesses still do not have a cyber-response plan or adequate insurance.

Data protection and network security are in fact leading risk issues for all businesses due to their reliance on technology and the collection of information required for a modern business to operate.

Cyber-crime and data breaches can result from external malicious or nuisance attacks or from internal human error and system failures. Managing these risks requires continuous focus and is further complicated by an increasing trend to outsource business functions to third parties such as payroll processors, data back-up and cloud related services.

Consequently, businesses can be exposed to loss of productivity, loss of revenue/profit and reputational harm that these risks present, and which can devastate a company’s bottom line.

Talk to your local Aon broker

Who is cyber risk insurance for?

All businesses, regardless of industry or size, use technology and the collection of information to operate. A business could be particularly exposed to cyber risk if it:

  • Engages vendors, independent contractors or additional service providers
  • Gathers personal or corporate information
  • Has a high degree of dependency on electronic processes or computers
  • Has an online presence and/or point-of-sale machines
  • Has employees, particularly any potentially disgruntled employees
  • Has remote working, outside central place of business
  • Is subject to NZ or international privacy legislation
  • Is subject to Payment Card Industry Security Standards

Understand your business exposure

How can a cyber event affect your business?

Paul Wyatt , Company CEO and owner of Wyatt Machine Tools, shares his experience after his business suffered a major cyber attack.

From Malware To Phishing: Your Guide To Cyber Crime

Top reasons to consider cyber insurance

Traditional insurance covering physical assets and liabilities to third parties fails to provide adequate protection for cyber-related exposures and expenses emanating from intangible assets such as computer networks and data.

The expenses of dealing with a breach of security or data incident comprise of your own costs to respond and third party costs incurred to defend and settle with others. Policies differ between insurers and the below table demonstrates what costs a robust cyber insurance policy can cover:


A cyber insurance policy will also provide:

Expert assistance (24/7) - crisis response IT, public relations and legal assistance to:

  • quickly restore or recreate data or software
  • manage customer obligations and business reputation
  • keep the business running

Insurance recovery of costs (as noted above) including:

  • the costs of the expert assistance
  • lost profit/income and extra expenses
  • costs to retrieve data or systems held to ransom
  • defence and settlement costs from third party claims and privacy regulators

Five question analysis

Take our quick five question self-analysis. If you answer yes to any of these questions, you may want to consider cyber risk insurance for your business.

Five question self-analysis

Why Aon?

Aon are leaders in helping businesses to identify, manage and insure cyber risks. Using proprietary tools and understanding of cyber exposures, Aon can assist to reduce risk and help to negotiate cyber insurance cover in what is a complex and developing area.

Aon’s dedicated specialist cyber team form part of a global cyber practice which allows Aon to share with you experiences from our clients and insurers from around the world. This will assist you when arranging cover, benchmarking premiums and responding to cyber incidents.

Aon Group Risk Consulting (AGRC) services offers Insurable Risk Profiling and Gap Analysis for cyber risk exposures. Using a structured method of risk analysis to determine key risks and their financial impact, allows for a more granular view of risk and assists with risk management and transfer strategies. The output facilitates and demonstrates good corporate governance and can easily be linked to your organisation’s broader risk management activities.

News and Articles

How Ransomware Attacks Work – And Why Hackers Won’t Stop Using It

Ransomware attacks are fairly easy to carry out and a quick way to score some cash

End of the Wild Wild Web: Navigating Cyber Regulations

WannaCry and then Petya... will cyber regulations help reign in the Wild Wild Web?

The Bangladesh Bank Heist: Lessons in Cyber Vulnerability

The Bangladesh Bank Heist is considered one of the biggest of all time, the thieves managing to get away with $81 million. What did this heist teach us about cyber vulnerability?

A Holistic Approach to Cyber Risk

Jason Hogg, new CEO of Aon Cyber Solutions and Stroz Friedberg discusses what brought him to Aon and how organizations should be approaching cybersecurity as an enterprise-wide risk.

WannaCry ransomware cyber-attack – what you need to know

New ransomware Petya used the same vulnerability as WannaCry

Stroz Friedberg blog post on why cyber resilience is business critical.

The New World Order of Cyber Threats

With cyber risk on the rise, and business interruption a growing concern, we explore in detail the so-called WannaCry and Adylkuzz incidents and provide guidance on how organisations can better prepare for the future.

7 questions to help determine if your organisation was ready for WannaCry

Including recommendations on how to protect yourself.

What made this strain of ransomware so dangerous?

While the initial WannaCry virus was partially stopped in its tracks after a couple of days, the full extent of the damage remains unclear.

WannaCry ALERT – what you need to know and what to do if you are affected

This website contains general information only and does not take into account your individual needs or financial situation. It is important to note that limits, excesses, terms and conditions and exclusions apply to the products and services outlined on this website. Please refer to the relevant policy documents for details of cover, the provision of which is subject to the insurer’s underwriting criteria that apply at the time. Please contact us if you have any questions.