Australasian firms face tougher cyber cover rules than global peers
The report, based on research involving 400 professionals from cyber insurance broker and carrier companies worldwide, identifies that organisations in Australia and New Zealand must satisfy higher security standards to qualify for coverage. The average business in these markets must now have a minimum of six security controls in place, whereas the global average is five.
The findings suggest the more rigorous scrutiny is a result of the elevated risk profile in the region, where businesses are 9% more likely to experience a 'significant' cyberattack compared to the global average. This has prompted insurers to tighten eligibility criteria in an effort to protect themselves from mounting risks.
Insurers have reported a growing expectation that cyber insurance premiums will rise, with 72% of global respondents anticipating increased rates in the coming year. This follows an intensification of the threat landscape globally, driven chiefly by the adoption of artificial intelligence systems, large language models, and mounting data privacy concerns, all of which are contributing to more sophisticated attacks.
Regional requirements
For businesses located in Australia and New Zealand, the report notes email security (87%) and identity and access management (84%) as the two most commonly required solutions for cyber insurance eligibility. These requirements sit considerably above the survey's global averages, with email security at 66% and identity and access management at 53% worldwide.
Despite the prominence of these foundational controls, the survey highlights that advanced protections – such as round-the-clock Security Operations Centres (SOC) and managed detection and response solutions – are viewed as the most impactful measures for enhancing security postures.
Common claims and causes
Globally, ransomware remains the most frequent type of incident prompting claims, with 18% of insurance professionals reporting that their clients were affected in the last 12 months. Data breaches, theft of funds, and phishing incidents follow in frequency.
Artificial intelligence is cited among leading contributors to changing the nature of cyber threats. The research shows that increased adoption of AI and LLMs (large language models) are raising the complexity of attacks, posing new challenges for businesses and insurers alike.
Insurance gap and hesitancy
The survey also identifies that, despite the rising frequency of attacks, only 12% of policyholders have submitted claims in the last year. A notable finding is that a quarter of incident claims were rejected due to policy gaps, highlighting that many policies contain exclusions that are not fully understood by businesses until after incidents occur. Steve Hunter, Director of Engineering, ANZ at Arctic Wolf said: "In one of the world's most targeted cyber markets, businesses in Australia and New Zealand face insurance scrutiny like never before. Six security controls are now the entry ticket for coverage in ANZ, higher than the global average. High-profile attacks and the heightened risk of regulatory action, as seen in the Optus case, is raising the stakes for insurers and forcing local organisations to prioritise security operations as a critical business function. Insurance is no longer a financial safety net – it's a test of cyber readiness and business resilience."
The report finds that with these evolving conditions, both insurers and policyholders in Australia and New Zealand are having to adapt to an environment where robust cyber defences are not just advised, but required, for coverage eligibility. The full impact of these changes is expected to continue unfolding as both regulatory expectations and threat actors' capabilities evolve.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
15 minutes ago
- Techday NZ
Why a confidence-inspiring contact centre is one of your organisation's greatest assets
In today's times, Australian customers want to deal with businesses whose service is swift, seamless and safe, ANZ vice president, Paul Rilstone, and CXTT Principal and Transformation Specialist, Michael Clark write. Are you one of the millions of Australians who's had the unwelcome news that your personal data has been compromised and is in the hands of a cyber-criminal or several? The accessing of customer records containing names, dates of birth, email addresses, phone numbers and other sensitive data has become an all-too-frequent event, as sophisticated actors continue to seek out weak spots in companies' IT defences. Increasingly, these clever, unscrupulous individuals aren't only using their technical expertise to gain an 'in'. They're adopting social engineering strategies; attempting to manipulate and deceive employees, via phishing, multi-factor authentication and email bombing gambits. Those working in contact centres, engaging with customers and members of the public day in, day out, are squarely in the firing line. A matter of trust However it occurs, a cyber incident erodes customer trust. If a business has the misfortune to experience one, rebuilding that trust is critical. That's where the contact centre has a vital role to play. Rapid digitisation means they've become the beating heart of many organisations – their primary interface with the world and a one-stop-shop for service delivery. Offering responsive, seamless and reliable service is critical, and in the wake of a crisis never more so. Organisations that do this well tend to find it easier to restore trust and rebuild their brands. Conversely, those that fall short, by making it difficult or painful for customers to engage with them, are laying themselves open to ongoing questions about the quality of their offering and operations. Improving your contact centre operations with AI In today's times, getting it right means making smart decisions about how AI should be incorporated into your contact centre. Deploying AI and automation technology can give your customers the power to self-serve their way through run-of-the-mill processes, and provide answers and resolutions to many of their more straightforward queries and issues. That's a win-win when it works well: no more hanging on the line makes for a better experience for customers and can deliver a sizeable efficiency dividend for your business too. The human touch But not all problems can or should be managed by AI. However sophisticated and intuitive it may become – and it continues to evolve and improve at bewildering speed – there will always be complex calls, emails and messages that require human scrutiny and judgment. Striking the optimal balance between what to automate and what to leave in human hands is no easy matter. In the rush to transform their contact centre operations, many companies are making the mistake of addressing the challenge with piecemeal solutions. Rather than re-imagining what stand-out customer service and experience look like and then using this game-changing technology to help them deliver it, they're replicating many of the same old processes, using AI, rather than human agents, to engage with their customers. All too often, the result is clunky, disjointed and unsatisfactory. Enlisting expert assistance That's why it pays to work with specialists who understand contact centre best practice and how AI technology can enable your organisation to achieve it. They'll map your workflows and processes and develop customer journeys where automated processes expedite and augment the work of your human agents. This will enable you to eliminate the duplication and double handing of data and orchestrate actions across all your critical systems. It's a smart way of ensuring the time and resources you're expending lead to high quality customer experiences that enhance your brand. Setting your organisation up for a stronger future In 2025, customers' trust is hard won and easily lost. Operating a responsive contact centre that offers personalised, seamless service can help you gain and retain it. If maintaining mind and market share matter to your organisation, it's well worth investing in the resources you need to get it right.
NZ Autocar
2 hours ago
- NZ Autocar
Electric car RUCs coming for Australia
Australia is considering a road-user charge (RUC) system for electric vehicles (EVs) to help offset falling fuel excise revenue. Currently EVs don't pay excise tax or road tax. And they now account for around one in ten new car sales. Federal Treasurer Jim Chalmers has met with the transport and infrastructure industries to propose the RUC plan, and organise a timeline for its implementation. Once up and running, all electric cars will pay a tax based on distance travelled, or at least that is the plan. Currently, the government adds a 52c fuel excise at the pump, with the sum aimed at maintaining and improving roads. However, BEVs are exempt on account of not needing fossil fuels. So a road-user charge would mean owners of non-ICE vehicles will also contribute to ongoing road maintenance. The fine details of the tax have yet to be ironed out. It is unclear whether rural EV owners will pay less than urban dwellers. Victorian Treasurer Tim Pallas said: 'You've got to be conscious of the fact that there are areas that will be disadvantaged by a purist model of road use…so you have to make allowances for that,' according to a report in the Australian. Whatever happens, the new tax looks to be a while away. Chalmers is suggesting it won't happen until 2028. Victoria tried to introduce a RUC system for EVs and plug-in hybrid electric vehicles (PHEVs) in mid-2021. However, only the Federal Government has the power to impose such a charge so it was scrapped. The NSW Government wants to implement a similar system from July 1, 2027 but again it would not be enforceable unless adopted nationwide. Whether Australia follows New Zealand in implementing a road-user charge system that includes all light vehicles is unclear. No country or state has yet introduced a scheme where all powertrain types pay RUCs. More information on the Australian plan will be announced soon.
Techday NZ
2 hours ago
- Techday NZ
Accenture to acquire CyberCX, boosting Asia Pacific security
Accenture has announced an agreement to acquire CyberCX, a cybersecurity services provider in the Asia Pacific region, to strengthen its capabilities and client service offerings in the sector. CyberCX, founded in Melbourne in 2019, employs approximately 1,400 cybersecurity professionals and delivers services to both private and public sector clients across Australia, New Zealand and internationally. The company provides end-to-end services, including consulting, transformation, managed security, offensive security, cyber physical security, crisis management, threat intelligence, and managed detection and response. Additional offerings include strategic advisory, identity, cloud, and network security solutions. With advanced security operations centres located across Australia and New Zealand, and additional offices in London and New York, CyberCX combines regional insight with international reach. Its service portfolio includes AI-powered security platforms that provide detection and response, sovereign secure cloud, a cybersecurity training academy, and proprietary tools for security testing and cyber intelligence. The acquisition is set to be Accenture's largest in the cybersecurity space to date and is expected to expand its service footprint in Asia Pacific, supporting its business resilience, protection of critical infrastructure, and secure enterprise transformation. Accenture's recent research, the State of Cybersecurity Resilience 2025 report, found that 97% of Australian organisations remain unprepared to secure their AI-driven operations and 80% lack key data and AI cybersecurity practices to safeguard their models, data pipelines, and cloud infrastructure. According to Paolo Dal Cin, Global Lead at Accenture Cybersecurity, the two companies have aligned perspectives on how cybersecurity supports business transformation and resilience. "CyberCX and Accenture share a mission to harness the power of cyber to help our clients securely navigate change, accelerate business reinvention and build resilience against evolving threats. By combining Accenture's agentic AI capabilities with CyberCX's strong market leadership, innovative offerings and trusted C-suite and government relationships, we will enable clients across Asia Pacific to transform cybersecurity into a strategic advantage." CyberCX holds partnerships with major cybersecurity companies, including Microsoft, Palo Alto Networks, and CrowdStrike, and has received recognition in the region for its managed services and system integration capabilities. The business is supported by over 2,600 certifications, reflecting expertise across its service areas. Peter Burns, who leads Accenture's business in Australia and New Zealand, commented on the changing landscape in cybersecurity demand and the impact of advancing technologies. "Client demand for cybersecurity services is accelerating as data and digital environments become increasingly connected and heightened threats are exposed across operational value chains, supply chains and the enterprise. The need for responsible governance is also rising as AI and Quantum technologies advance. CyberCX's breadth of capabilities, trusted relationships with government and critical infrastructure organisations, and exceptional talent in the region, combined with Accenture's local and global scale and innovation, will help us meet this ever-increasing client need." John Paitaridis, Chief Executive Officer of CyberCX, highlighted the significance of the deal for the firm's growth and its mission to enhance cyber defences for clients. "We are immensely proud of the business we have built, becoming one of the leading providers of cybersecurity services in the region. Joining Accenture's global cybersecurity organisation enables our exceptional people to combine forces with global capabilities and provide world-leading cybersecurity services to an even greater number of clients across Asia Pacific as we accelerate our growth in the region. Our shared mission for helping clients stay ahead of emerging threats and build resilience makes this a force multiplier." The planned transaction follows a series of cybersecurity acquisitions by Accenture since 2015. Past deals include the acquisitions of Morphus, MNEMO Mexico and Innotec Security, among others. The company states the acquisition of CyberCX is part of its strategy to enhance its cybersecurity offerings and solutions globally. The deal terms were not disclosed. The finalisation of the acquisition remains subject to customary closing conditions, including regulatory approvals.
