Scaling up the next generation of South Australian businesses

Heist Movies and (Crime and Cyber) Insurance

Heist films are one of my favorite movie genres. It is always exciting to watch how the protagonists in the movies cook up elaborate plans and pull off audacious thefts. Over the years, heist movie plots have become more complicated, evolving from robberies to highly intricate schemes. Similarly, insurance coverage has developed over time in response to increasingly complex risks.

We have seen a noticeable increase in the prevalence of cyber losses. As cyber criminals find new ways to infiltrate businesses and their systems, there can be situations where crime or cyber insurance policies respond. But what are the differences between cyber and crime policies? How they have evolved in recent years? And how can they help protect your business? Keep reading to find out.


Back to the movie analogy! Over time, simple armed robberies can no longer appease us heist movie fans, we want far more complicated and ambitious plots. Triggers to crime policies have evolved significantly in recent years as well. Historically, the major types of losses under a crime policy were fraud, theft, and misappropriation. That is, if an employee stole money from your business or forged documents to transfer monies into their own bank account, or if a non-employee broke into your business and stole money or stock, your crime policy would typically cover the loss. Just as movie plots have become more complicated, crime policies have also developed and expanded their coverage over time, to include:

SOCIAL ENGINEERING: Actions by an attacker to deceive an employee into giving out confidential information or naively transferring funds. You can learn more about the rise of social engineering in our recent article.
THEFT OF HARDWARE: Replacement of your computers, networks, or servers to their pre-loss operating capacity.
INCREASED INTEREST RECEIVABLE OR PAYABLE resulting from a loss, covered by the policy.
FEES, COSTS, & EXPENSES including legal fees, investigative specialist fees, reconstitution costs, and reputation recovery costs.


Introducing the “Tech Guy”. Since the early 2000s, every heist movie crew now needs a Tech Guy. They’re often called Stuart. This is the guy who hacks into computers and whatnot. Crime policies do not protect against cybercrime. With the growing use of technology comes an increase in the scale and sophistication of cybercrimes. Ultimately, this means businesses need to protect themselves against this evolving risk. Cyber insurance is now just as important as crime insurance.

Traditionally, email compromise has been the main form of cyber losses (phishing, ransomware, and cyber scams). Cyber criminals have diversified their tactics, making it easier than ever to fall victim to cybercrime. Some of the emerging losses that we are beginning to see include:

CRIMEWARE-AS-A-SERVICE: Where hackers like ‘Stuart’ gain access to your system, identify how to cause damage, and then sell the ability (for a very affordable price) to compromise your system on the dark web. This could be a disgruntled ex-employee, a personal associate, or a competitor. The most important aspect of this threat is that it no longer takes a person who is IT qualified to take down your systems.
CRYPTO-JACKING: Malicious cryptomining occurs when cybercriminals hack into both business and personal computers, laptops, and mobile devices to install software. This software uses the hacked computer’s power and resources to mine for cryptocurrencies or steals cryptocurrency wallets owned by unsuspecting victims.
E-COMMERCE DATA INCEPTION: These types of attacks pose an emerging and imminent threat to online shoppers, undermining trust in online payment systems.


As the pandemic lingers on into its second year and many businesses around the world continue to support working from home arrangements, cyber criminals are exploiting new avenues to gain access to networks. Being aware of these risks and exposures has never been more important for businesses. Crime and Cyber insurances are complementary products that are essential to businesses in the current digital age. Combining these insurances with the right awareness and investments enables businesses to protect their valuable assets, including their data and reputations.

Like in the movies, there is always insurance to fall back on. Although I am still waiting for a movie’s closing scene to feature a heist victim lodging an insurance claim!

Eng Kit Han

Claims Manager – Honan Asia