Many people have become desensitised to the continued warnings about cyber threats.
But cybercrime isn’t something that happens to someone else. It could happen to you, whether you’re an individual, a small business, a large corporation or a strata scheme.
Strata managers need protection
As strata managers are responsible for the financial affairs of a strata scheme, they bear a significant amount of responsibility to protect the scheme’s interests.
Cyber insurance not only ensures the strata scheme’s funds are protected, but it also safeguards the strata manager’s own funds and reputation. Without this, the strata manager will be liable to cover any financial loss.
In addition, providing strata schemes with evidence of a strong policy can build owners’ trust and confidence that the manager is protecting them and acting in their best interest.
How self-managed strata schemes are exposed
A self-managed scheme pays its own accounts and manages its own finances, so it’s also exposed to potential cyberattacks.
However, cyber is a General Exclusion in most strata building insurance policies, with few insurers willing to venture into this specialist area. Even if cyber coverage is offered, strict conditions often negate a claim because if the conditions had been followed, it’s unlikely the losses would have occurred.
Therefore, a self-managed strata scheme may want to purchase a standalone cyber insurance policy. This would provide comfort that there may be some monetary relief if funds are lost due to cybercrime and also relieve the pressure on the individuals responsible for making payments.
Cybercrime is a big business
A cyberattack is an attempt to access a computer network or system with the intent of altering, stealing, destroying, or exposing information.
Cyberattacks don’t just happen to large corporations – these are just the ones that make the news headlines. SMEs are arguably more vulnerable to cyberattacks because their systems are often manual and prone to human error, which accounts for a significant percentage of cyber losses.
Staggering statistics
Well-resourced teams of cybercriminals are earning themselves billions in ransoms and causing trillions of dollars in damage every year. It’s one of the most significant and costly threats to businesses.
- Worldwide, cybercrime cost companies an estimated $8 trillion in 2023…and it’s expected to rise to nearly $24 trillion by 2027.
Small and medium businesses (SMEs) face the most significant risk from cyberattacks.
- 43% of cyberattacks are aimed at small businesses*.
- SMEs are less prepared to defend themselves against cyberattacks, with 48% of Australian SMEs spending less than $500 a year on cybersecurity.
Common types of cyberattacks in strata
The strata industry is relatively silent about cyber events. However, they have occurred, sometimes resulting in significant losses. Strata managers fear reputational damage, so they quietly repay the stolen funds into the strata scheme’s account or separately pay a contractor’s bill, for example.
- Email interception. This is the most common type of attack in strata. Cybercriminals intercept emails from a strata manager, its clients or suppliers to alter invoices and other payment information. The cybercriminal may advise of a change to bank account information and claim that failing to verify account details verbally with the supplier may result in payment to a cybercriminal.
- Social engineering. Uses psychological manipulation to trick users into making security mistakes or giving away sensitive information. A simple phone call may be all that stands between your strata scheme and the cybercriminal.
- Phishing. Entices users to click on malicious links that may download infected files or reveal personal information, such as passwords or account numbers. Cybercriminals may pose as retailers, banks or financial institutions.
- Ransomware attacks. Uses malicious software (malware) to encrypt files or block access to a user’s computer systems. This could damage a strata manager’s accounting system and make funds inaccessible, for example.
- Identify theft. The theft of private and confidential information about scheme members can lead to identity theft, where personal information is sold on the dark web.
Cyber insurance protection
Cyber insurance provides cover for first-party expenses and third-party liability resulting from unauthorised access and use of data or software within IT infrastructure. The following are some examples of how this might occur.
Plug into a network of support
A good cyber insurance policy helps manage more than just the initial financial loss.
- Business interruption
- Hiring negotiators and paying a ransom
- Recovering or replacing records or data
- Liability and loss of third-party data
- Legal defence
- Copyright infringement
- Misuse of intellectual property online
- Crisis management and monitoring
- Prevention of further attacks
The more strata managers and schemes that take up cyber insurance, the stronger the fight becomes. Together, we can make the strata sector more secure and resilient, while enhancing its professional reputation and managing evolving risks.
Cybercrime is no longer something that happens to someone else, and good cyber insurance is no longer a luxury. Cyberattacks can come in many forms, but knowledge, good monetary policies and vigilance are a must.
There’s an increasing expectation that businesses demonstrate both strong prevention protocols and the ability to recover from and respond effectively to cyberattacks.
If you have any questions…
*Accenture’s Cost of Cybercrime Study 2023