Is Your Business Protected Against Ransomware Attacks?

Ransomware software is rapidly evolving, with advancements leading to a growing number of increasingly sophisticated attacks on Australian businesses.

Ransomware attacks are conducted by perpetrators who use malicious software to encrypt computer files, making them inaccessible. Once the software has been successfully downloaded onto the targeted computer, the victim’s data is held at ransom by the cybercriminal. Cyber attacks of this nature can be incredibly difficult to track, putting valuable company information at risk and imposing significant security threats.


The Impact of Ransomware on Australian Businesses

There have been more reported ransomware attacks during 2019 than in the entirety of 2018 but, alarmingly, 49% of Small and Medium-Sized Enterprises (SMEs) don’t have a response plan for managing data breaches. Without strong systems in place to manage incidents, organisations may find themselves still recovering from ransomware attacks weeks, if not months, after their occurrence.

A recent report has found that, of those surveyed, 47% were unaware of or didn’t understand their obligations under the Notifiable Data Breaches scheme. When an organisation experiences a data breach, they must notify any individual whose personal information is directly involved in or affected by the incident. If those who aren’t familiar with the requirements outlined in the Notifiable Data Breaches scheme fail to report a breach, they may unknowingly expose their business to significant financial penalties.

Typically, large organisations have more extensive response plans for managing ransomware attacks than SMEs. It’s not uncommon for SMEs to experience “breach fatigue” and, as a result of this, underestimate their organisation’s exposure to harmful cyber attacks. When only 27% of Australian SMEs have cyber risk insurance, the concerning nature of such assumption is amplified.


How to Protect Your Business Against Ransomware Attacks

By ensuring you take the appropriate measures, you can lower your risk of falling victim to ransomware attacks and avoid exposing your business to catastrophic security breaches. With a comprehensive response plan, you will be better prepared to manage the fallout, protect your data and make a quick recovery.

Some simple ways you can protect your business against ransomware attacks include:

  • Being cautious of suspicious, unexpected emails;
  • Ensuring you are using up-to-date anti-virus software;
  • Keeping at least one reliable back-up of your data and performing regular tests to ensure information can be restored;
  • Creating a comprehensive incident management plan.

Find out which cyber risk insurance policy would be best suited to your needs by getting in touch with your insurance advisor.


Conditions apply for each policy and the information expected from you for a policy to trigger. Coverage may differ based on specific clauses in individual policies. Please ask your broker to explain the additional benefits and exclusions pertaining to your policy.

The information provided is general advice only and does not take account of your personal circumstances or needs. Please refer to our financial services guide which contains details of our services and how we are remunerated.