Delta Insurance New Zealand has introduced what it says is the most comprehensive cyber security insurance product available in New Zealand, providing coverage across the full spectrum of cyber risks before, during and after any incident.
Delta is also offering a range of services in addition to insurance. It will help organisations identify potential exposure to cyber risk and assist in implementing a comprehensive proactive plan; it will assist with IT triage, crisis and reputation management, system and data analysis and restoration, and third party claims; and “may also assist with the cost of strengthening the organisation’s cyber security (such as with shielding) and reviewing the emergency response plan to ensure better outcomes in the future.”
To provide these services Delta says it has created a team of experts from 13 organisations across all aspects of the cyber security risk spectrum. It quotes PwC New Zealand figures saying that 55 percent of New Zealand organisations do not have an operational cybercrime incident response plan, but 40 percent expect to experience a cybercrime in the next two years.
Delta says that SMEs are particularly vulnerable, and generally under-insured. “Therefore, as part of Delta’s new offering SME policy holders can receive access to free cyber security assessments from Need a Nerd, UNITEC, Houston Technology, InPhySec, Network Box or Aura Information Security,” the company said.
Delta’s move comes in the wake of Trans-Tasman business advisory firm BDO and the Australian cyber emergency response team, AusCert, launching a survey Australian and New Zealand companies’ approach to cyber insurance, a market that is still very immature with little standardisation.
Computerworld reported a US security expert noting: “If you look at 10 different cyber liability policies, you’re likely to find 10 different packages of coverage.”
The managing director of Delta Insurance, Ian Pollard, said: “While the conversation around cyber security has moved on to the practical support and resources required to better protect businesses, the implementation of cyber security management plans is happening too slowly with the prevailing opinion being that it is something that will happen to other people.”He added: “Businesses need to be clear that cyber security is not just about IT triage. A robust management strategy will ensure that when the worst happens you understand the impact on each aspect of the business, and that the required support network across IT, legal, forensics and reputation is available and covered by your insurances.”