Following on from last week’s news alert on the cyber threat facing fuel businesses following two hacking attacks, ACAPMA’s endorsed insurance broker, Arthur J. Gallagher (AJG), has reiterated the importance of adopting a robust cyber security policy.

Travis Gauci, AJG cyber risk expert, says that the recent cyber incursions on fuel businesses are a stark reminder that the threat to the sector is very real.

“Research carried out by Norton suggests that cyber-crime cost the Australian economy more than $1.2bn in 2015,” said Gauci. “And while the fuel industry hasn’t typically been considered amongst the at-risk sectors, cyber criminals are finding new and not-so new ways to profit from breaching a fuel business’ security.

“This can range from selling data, such as a customer credit card details, extorting business owners to regain access to Point of Sale systems, to manipulating staff to transfer funds.

“Access to a fuel business’s systems has real value for increasingly sophisticated cyber criminals, who have a variety of means of exploiting system vulnerabilities, including hacking, malware, ransomware and distributed denial of service (DDoS) attacks. Human error, in losing data or equipment, is also a factor. It all adds up to a threat that no fuel business can ignore.”

The consequences of a cyber breach, according to the latest research from IBM and the Ponemon Institute, the average total cost of a data breach to an Australian company is $2.64m. Amendments to the Privacy Act in 2014 also introduced the threat of fines of up to $1.7m to companies that breach sensitive customer data.

But beyond the devastating financial impact of cyber attacks, they can also have a negative influence on a business’s reputation through eroding customer trust.

As a result, a holistic approach to mitigating cyber risk should be top of every business’s agenda, says Gauci.

“Every business, large or small, should develop a cyber breach response plan, with clearly designated leaders and all staff should be educated on cyber security measures,” he said. “And just like a fire drill, you should be testing this plan to make sure it’s up to the task if called upon.

“It goes without saying that best practice information security procedures, including firewalls, virus protection, encryption and offsite data back-up, should also be part of the solution.

“Cyber insurance is also highly recommended. It cannot stop breaches from occurring, but it is a sensible safeguard to limit financial damages and put you in contact with a team of appropriate professionals to help you through any breach.

“Fuel businesses cannot afford to ignore this threat. It’s very real, it’s affecting Australian businesses every day and it’s only going to become more prevalent.”

If you need advice on your company’s cyber exposures, contact AJG’s Fuel and Convenience Stores team on or visit