The hidden threat: rising cyber incidents in Australia and the urgent need for cyber insurance
19 June 2025
Cyber incidents are recognised as one of the key risks facing businesses globally. This risk has rapidly reached Australian shores, driven by technological advancements that have enhanced the capabilities and threats posed by cybercriminals and state actors. The Australian Signals Directorate Cyber Threat Report (CTR) identifies the most reported forms of cybercrime as email impersonation attacks, fraud, ransomware, and data theft extortion.
Prime targets for cybercriminals
The Australian Cyber Security Centre warns that small to medium-sized enterprises (SMEs) are particularly vulnerable to these risks due to insufficient cybersecurity defences. According to the CTR, the financial burden of cybercrime is significant: SMEs lose an average of $49,600 per incident, medium businesses $62,800, and large businesses $63,600. The Office of the Australian Information Commissioner noted a significant increase in cybercrimes in the first six months of 2024, with 527 data breach notifications, marking the highest level in three and a half years.
Industries most frequently targeted by cyber attacks include healthcare and financial services, with the education sector also being a significant target.
The role of cyber insurance
As cyber threats become more sophisticated, cyber insurance is becoming an essential measure to mitigate financial and operational risks. While policies vary, cyber insurance typically provides financial protection against incidents that involve:
- forensic investigations to determine the breach source
- data restoration and system recovery
- customer notification and rectification services
- regulatory fines and penalties
- legal advice on ransom payments and compliance, and
- business interruption losses due to cyberattacks.
In addition, some insurers offer negotiation services for ransomware incidents and indemnification for ransom payments.
Impact of AI on cybersecurity
The integration of AI into cyber operations is rapidly increasing the sophistication of cyber threats and the effectiveness of cybersecurity measures. AI technologies enhance real-time threat detection and automated defensive responses. However, cybercriminals and malicious state actors are also leveraging AI to conduct highly targeted attacks, such as deepfake-based fraud, automated phishing campaigns, and adaptive malware. As these threats evolve, Australian businesses must proactively strengthen their cybersecurity posture to safeguard digital assets and prevent financial losses.
Meanwhile, the emergence of AI raises new concerns, such as the potential for ‘silent AI’—unintended coverage for losses resulting from the implementation, embedded or otherwise, of AI technologies and unforeseen risks. This highlights the need for insurers to stay informed about economic and legal trends that could affect AI-related claims on traditional policies. Underwriters should investigate how their insureds utilise AI to evaluate these risks.
Privacy reforms
In Australia, the second tranche of the upcoming privacy law reforms (Tranche 2) is expected to amplify the financial risks associated with cyber incidents, underscoring the importance of cyber insurance in managing potential liabilities. Stricter regulations on data protection and breach reporting will impose substantial penalties and could lead to reputational damage for non-compliance. Notably, the removal of the small business exemption under Tranche 2 will significantly expand compliance obligations.
Furthermore, mandatory reporting of ransomware and cyber threat payments has recently come into effect for all entities with annual revenue of $3 million or more.
Key takeaways
For SMEs / businesses
Given that even minor cybersecurity incidents can have significant financial impacts on SMEs, the Australian Cyber Security Centre recommends simple and cost-effective measures to improve cybersecurity, such as enabling multi-factor authentication, updating software, and backing up information. SMEs should also consider cyber insurance as an added protective layer to mitigate risk exposure. This can ensure that any breaches can be promptly and efficiently addressed by an experienced breach coach.
Businesses should proactively assess their cybersecurity frameworks, invest in robust data protection strategies, and secure cyber insurance to safeguard against potential regulatory penalties and financial losses.
For insurers
For insurers, the key takeaway regarding cyber insurance is that the market is constantly evolving, with increasing demand as well as growing risks and challenges. Although premiums are decreasing in some areas due to competition and improved awareness, the frequency and severity of claims remain high. This situation requires insurers to carefully manage their risk appetite and capacity.
As a final note, while the Federal Government has committed $15 billion to strengthen the current cybersecurity framework, the high level of risk in this space indicates that the private sector must prepare for increasingly costly digital challenges in the near future.

