Ransomware, BEC and Data Breach: What Today’s Cyber Threats Mean for Australian SMEs

Across Australia, cyber incidents involving ransomware, business email compromise (BEC) and data breaches are now a routine part of the threat landscape for small and medium businesses. SMEs are increasingly targeted because attackers see them as easier to compromise than large organisations, but still valuable in terms of data, payments and access to supply chains. The financial, operational and reputational impacts of a single cyber incident can be significant for a growing business.

Ransomware tactics are evolving, with many attacks now using “double extortion”: encrypting your systems and simultaneously threatening to leak stolen data if a ransom is not paid. At the same time, BEC schemes are becoming more sophisticated, using convincing emails, fake invoices and altered bank details to divert legitimate payments. Data breaches can arise from these attacks or from issues such as lost devices, misdirected emails, or misconfigured cloud systems, and may trigger notification obligations as well as customer and regulatory scrutiny.

Cyber insurance is not a substitute for strong cyber security, but it can play a key role in resilience. Modern cyber policies for SMEs can include incident response support, IT forensics, legal and PR advice, data restoration costs, business interruption cover and, in some cases, cybercrime and social engineering extensions. The detail of each policy varies, so it is important to understand how your policy defines covered events, what excesses and sub‑limits apply, and how it treats ransom payments, regulatory investigations and third‑party claims.

Working with an experienced broker can help you align cyber cover with your actual risk profile. This includes considering your reliance on email and cloud systems, the sensitivity of the data you hold, your supply‑chain dependencies and your existing IT controls. A broker can also work with you and your IT providers to ensure that any security improvements requested by underwriters are practical and that your policy supports your broader cyber risk and incident response strategy.