Designed for businesses with annual turnovers up to $10 million, Cylo uses a three-step model – resist, respond, recover – crafted in partnership with cybersecurity provider UpGuard and claims management firm Crawford & Co.
The launch of Cylo aligns with Australia’s Cyber Security Awareness Month, which promotes the theme “cyber security is everyone’s business” as cyber incidents become more frequent and damaging.
Last year, Australia recorded approximately 94,000 cyber incidents, with a cybercrime reported every six minutes on average. This marked a 23% increase from the previous year.
Con Bakas, Cylo’s chief underwriting officer, pointed out that while many SMEs rely on basic tools like antivirus software to protect against attacks, these alone may not be sufficient given the growing complexity of cyber threats.
“What we’re seeing, even at a basic level, is that some of the critical elements that small businesses use in terms of baseline risk management, like malware protection and backups, isn’t enough,” he said. “Hackers are becoming very courageous and clever in terms of the way they’re attacking systems. They’re trying to find businesses that don’t have the necessary controls.”
See LinkedIn post here.
Bakas noted that hackers frequently target SMEs due to their comparatively limited cybersecurity resources, yet only about 20% of Australian SMEs currently hold cyber insurance policies. This relatively low uptake suggests that many small businesses are unprepared for the operational and financial impact of potential cyber incidents, including ransomware attacks.
“What happens when there’s an incident, are they ready with an incident response plan? If a hacker seizes their systems and demands a ransom – who and how will they manage it? That’s where it’s incredibly important to have a more holistic approach to cyber security, but also to have cyber insurance,” he said.
IAG noted that cyber incidents can result in significant financial losses, with the average claim for SMEs estimated at A$46,000 and around A$97,000 for larger businesses.
Beyond direct costs, Bakas emphasised the impact of business interruptions, which can lead to extended downtime and revenue losses.
“It’s almost impossible for most organisations, especially SMEs and their brokers, to know what to do when an attack happens,” he said, emphasising that a rapid-response approach provides SMEs with access to cybersecurity experts who can assess the attack, contain it, and get the business operational again.
In addition to IAG’s Cylo launch, law firm Kennedys is marking Cyber Security Awareness Month by releasing insights into new cybersecurity regulations across the Asia-Pacific (APAC) region.
The report covered key policy developments, such as Australia’s proposed Cyber Security Bill 2024, Hong Kong’s new protections for critical infrastructure, and a cybersecurity ratings initiative for medical devices in Singapore.
