Emerging Trends in Cyber Insurance
Jason Norris
16 Jun 2025
Article
Share:
Let’s be honest, when you hear the word cyber, what comes to mind? Chances are, it’s another headline about a phishing scam or a major corporate data breach. It’s familiar territory: email hacks, stolen credentials, and ransomware demands flooding inboxes and boardrooms. But there’s a critical part of the conversation that’s often overlooked—what about industry and manufacturing? As Australian industries become increasingly automated and digitally interconnected, they’re also becoming further exposed. Yet, the spotlight on cyber risks remains firmly on the office environment. Behind the factory doors, cybercriminals are now targeting operational equipment, taking control of machinery, disrupting supply chains, and holding entire operations to ransom.
This isn’t theoretical. It’s already happening.
According to the Australian Signals Directorate’s Annual Cyber Threat Report 2023–2024, there were more than 87,400 cybercrime incidents in FY24, a significant increase from previous years. And while big corporations make the news, small businesses are getting hit the hardest, losing an average of $49,600 per incident, up 8% year on year.
As more manufacturing businesses move toward automated systems and real-time digital processes, the risk is no longer just about stolen data. It’s about the possibility of entire systems being shut down or taken over.
If hackers gain access, they could stop a production line with the click of a button. The impact goes far beyond inconvenience—it means lost time, missed deadlines, damage to your reputation and real financial loss.
Even so, many manufacturers still see cyber insurance as something for the IT team, not the factory floor. That mindset can leave essential operations exposed when things go wrong.
AI isn’t just helping businesses run faster; it’s also arming cybercriminals with smarter, harder to detect tools. From hyperpersonalised phishing scams to deepfake-driven fraud, today’s cyber threats are more advanced than ever. The impact of this is being felt beyond the IT department, and insurers are taking notice.
With attacks becoming harder to predict and more expensive to rectify, insurance providers are tightening the rules. Many now require businesses to prove they’ve invested in comprehensive cybersecurity measures before even considering coverage. Think zero-trust architecture, continuous threat monitoring, and a proactive risk strategy.
So in 2025, the message couldn’t be clearer. Cybersecurity is no longer just an IT issue—it’s a business necessity. Without strong protections, companies face more than just a breach; they also struggle to secure insurance.
As threats continue to evolve, how we prepare, protect and manage risk must keep pace.
“In industries like finance, it’s pretty common to follow internationally recognised standards like GS 007. But we’re seeing more businesses across the board start to do the same. It’s a way to show insurers you’re serious about protecting your data and reducing risks, which can really help when it comes to getting the right coverage.”
Alan Moran - General Manager | Austcover
Supply chain disruptions caused by cyberattacks are becoming more common, especially in industries that rely heavily on digital systems like shipping and transport. Every time a business deals with a supplier, distributor or retailer, there’s a risk of cyber disruption. That opens the door to theft, scams and hacking.
In the 2023–2024 financial year, 80% of organisations were hit by identity-related breaches linked to software supply chains. It’s a clear sign that these systems need tighter oversight to avoid costly fraud and data loss.
While supply chain risks grab a lot of attention, ransomware and social engineering remain serious threats in their own right. Ransomware incidents, which made up 11% of reported cyberattacks in FY24, can quickly bring business operations to a standstill by locking down essential data and demanding large ransoms to restore access. Meanwhile, social engineering attacks—like phishing emails or impersonation schemes—are becoming increasingly sophisticated, often catching employees off guard and opening the door to deeper breaches.
Recognising the growing impact of these attacks, insurers are updating cyber policies to cover ransom payments, business interruption, and incident response, helping companies bounce back faster when they’re targeted.
As cyber risks evolve, insurers are adjusting their approach to policy coverage. Traditional, one-size-fits-all policies are increasingly outdated, leaving businesses exposed to emerging threats. To address this, Australian insurers are moving towards more tailored solutions that cater to specific cyber risks.
Alan Moran, General Manager at Austcover, points out that as cyber risks grow, insurers are looking more closely at how businesses prove their security.
“It’s not just about ticking boxes anymore, Insurers want to see some kind of external proof that your systems and processes are solid. That usually means meeting certain standards or frameworks. In industries like finance, it’s pretty common to follow internationally recognised standards like GS 007. But we’re seeing more businesses across the board start to do the same. It’s a way to show insurers you’re serious about protecting your data and reducing risks, which can really help when it comes to getting the right coverage.”
Alan Moran - General Manager | Austcover
This flexibility allows businesses to secure coverage that aligns with their unique vulnerabilities, while also emphasising the importance of strong cybersecurity practices to qualify for comprehensive protection.
As more businesses use IoT and AI technologies, insurers are offering cyber insurance that focuses on the specific risks these bring. These policies can cover:
This kind of coverage helps businesses stay protected as they rely more on these advanced technologies.
As cyber threats become more complex, insurance costs are rising. To keep premiums under control, businesses need to show they’re serious about protecting themselves. This means using tools like Multi-Factor Authentication, maintaining strong security systems, and conducting regular security checks. Insurers are increasingly looking for proof that companies are actively managing their risks—without it, getting coverage can be difficult or more expensive. Following trusted guidelines like the Essential Eight Risk Mitigation Strategies developed by the Australian Cyber Security Centre can help businesses meet insurer expectations and keep premiums manageable.
Cyber insurance policies often include exclusions, such as not covering breaches that happen through third parties or limiting payouts for business interruptions. With many employees bypassing security measures, especially in hybrid work setups, businesses face new risks that standard policies might not cover.
In FY24, email compromise and business email fraud made up about a third of all reported cybercrime cases, showing just how common these threats are. That’s why it’s important to really dig into your policy, talk with your insurer about what’s covered, and think about combining cyber insurance with other types of coverage to make sure you’re fully protected.
As cyber insurance continues to evolve, rising premiums, stricter underwriting, and a stronger focus on managing risks will shape the market, especially for industries like manufacturing that rely heavily on complex digital systems. Challenges such as systemic cyber risks and policy exclusions will remain, but with flexible policies and plenty of coverage options, businesses can still find solutions that cover their specific risks.
Businesses must adapt to the changing threat landscape by investing in strong cybersecurity measures and aligning with insurers’ expectations. Those who stay informed and proactive will find themselves better positioned to navigate the evolving digital environment, securing comprehensive coverage and building resilience against new cyber risks.
While the future may be uncertain, Austcover is here to help you manage the growing risks of cyber threats. Our cyber insurance solutions provide the protection your business needs to stay secure.
Author: Jason Norris | Senior Account Manager
Jason Norris is a seasoned insurance advisor with nearly 30 years of experience helping corporate and commercial clients protect their businesses and personal assets through strategic risk management. Jason specialises in delivering innovative insurance broking solutions tailored to complex and technical risks, with a strong focus on navigating the challenging placement of insurance for the manufacturing sector.
All information in this article is of a general nature, and has been prepared without taking into account your individual objectives, financial situation, or needs. Before acting on any information contained herein, you should consider its appropriateness to your circumstances. The information provided is not intended to replace any accounting, financial, insurance broking, legal, tax, or other professional advice. Austcover Pty Ltd ABN 46 073 425 662 holds Australian Financial Services Licence No. 241799. Visit: our legal policies and disclosures page.