Cyber Liability Cyber Liability

Cyber Liability

Cyber liability is a challenging area because the threat landscape is constantly transforming and evolving.

The regulatory landscape in Australia and internationally is also becoming more onerous for business. Changes made to Australia’s Privacy Act 1988 (Cth), which operate from 22 February 2018, establish a mandatory notifiable data breach scheme that applies to many.

Cyber law can also reach across international borders. The EU’s General Data Protection Regulation (GDPR) for example, effective from 25 May 2018, imposes significant obligations and pecuniary penalties on organisations acting within the EU or with its citizens… even businesses from as far away as Australia.

Cyber policies are designed to meet some of those risks and alleviate the burden of a cyber event. However policies and their claims offerings can differ markedly from insurer to insurer, and require careful examination as not one size fits all.


How does cyber liability insurance protect your business?

At present, most Australian cyber insurance policies will typically cover the following areas:

  • Your costs associated with responding to a defined data breach event (such as data recovery, incident investigation and mitigation, notification to regulators and customers, public relations expenses)
  • Cyber extortion
  • Regulatory penalties and fines (such as those that may be imposed by the Privacy Commissioner)
  • Business interruption
  • Third-party claims and defence costs.

However not every policy is the same. Coverages offered in the current market can and do differ significantly between insurers, with some offering additional insurance (such as cyber reward or phishing cover) and others being less generous in their terms.

We predict that, over the next few years, there will be an increase both in the uptake of this insurance and in the number of claims.


Barry.Nilsson. was one of the first law firms in Australia to advise both insurers and insureds on the complex legal issues surrounding cyber risk and the many insurance policies designed to meet them.

As a result of our extensive experience in this area, our lawyers have an understanding of:

  • Current and emerging cyber risks (both global and local), including claims and risks trends
  • Local and international legal developments (both statutory and common law), and their likely effect on insurers underwriting these risks, as well as the likely losses resulting from claims
  • The different insurance policies available in the market and how those differences can impact insureds.

This means that we are well positioned to assist you with any issue relating to cyber risk or liability, including drafting cyber insurance policies suited to the local market, responding to claims and advising on cyber insurance coverage issues.

Need assistance?

Submit an enquiry online and we will be in touch as soon as possible, or call one of our national offices directly.