Cybercrime in Australia costs about $4.5 billion annually, but the message on mitigation is still not getting through to many businesses, Aon Financial Specialties MD Jennifer Richards warns.

She says three factors should heighten attention to cyber-risk: an increase in the use of cloud computing for business; the growth of social media; and recent changes to the Privacy Act, which place a greater onus on businesses to protect personal customer information.

As well as reviewing IT systems and processes to minimise network security and privacy risks, Ms Richards says companies should extend their specialist insurance – “a measure many organisations mistakenly believe they have under control through more general policies”.

“Such policies are often inadequate to cover the likely cost of even a more standard network security and privacy breach, let alone cyber-attack or hacktivism,” she said.

Ms Richards says specialist policies can cover expenses such as immediate crisis management, forensic analysis, repair of computer systems and loss of income.

Third-party costs such as customer compensation and legal expenses can also be covered.

A similar warning has been sounded in New Zealand, where cybercrime reportedly cost businesses $NZ625 million ($578 million) in 2011.

The sum could be higher because many security breaches go undisclosed.

The Insurance Council of New Zealand has urged businesses to review their networks’ security and consider gaps in their insurance cover. CEO Tim Grafton warns the country is “woefully underprepared” for the increasing threat of cyber-attacks.