VMIA’s Cyber Insurance policy covers your organisation for expenses related to your data breach responses. Your department, agency (or hospital) and its directors, officers and employees are all covered.

Many organisations handle personal and corporate data daily, whether it’s employee profiles, credit card information, sensitive demographic information or budget and funding information. In an ever-increasing legal and regulatory environment, our Cyber Insurance policy provides a risk transfer solution if your data is put at risk because of a cyber incident.  

What’s covered?

VMIA’s Cyber Insurance covers first party expenses (incurred by your organisation in the event of a cyber incident) and third party expenses (amounts your organisation is legally liable to pay to third parties, as a result of a cyber incident).

Protection for your organisation includes:

  • forensic team expenses
  • call centre expenses
  • public relations and crisis management expenses
  • cyber extortion loss, including negotiation, security consultants and extortion payment to end the threat
  • restoring, recreating or recollecting corrupted, damaged or deleted data
  • operational costs and additional costs incurred due to a computer security failure
  • notification costs involved with notifying affected persons of a data breach and/or the Privacy Commissioner
  • data administration investigation costs, fines and penalties.

Protection for claims made by third parties includes:

  • theft, loss or unauthorised disclosure of personally identifiable or third party corporate information
  • computer security failure resulting in corruption, alteration or destruction of data, or failure to prevent the transmission of a virus or malicious code
  • failure to comply with a privacy policy
  • cover for PCI fines and costs.

This is a brief overview of policy features only. For full details, please refer to the policy wording in the attached policy document below.

Reporting an incident

A Cyber Incident Response Service (CIRS) is available to all Victorian Government organisations. It is a confidential service provided by Enterprise Solutions within the Department of Premier and Cabinet.

Enterprise Solutions will also analyse information received as part of this service to keep other Victorian Government organisations up-to-date about current threats and opportunities to further protect their clients and services. This will be done at an aggregate level with no specific organisations identified.

Following this initial report to CIRS, organisations should notify VMIA of an incident as soon as possible.

What incidents should be reported?

  • suspected or confirmed malware or ransomware phishing emails that reach government employees
  • suspected or confirmed data breach; theft, loss or unauthorised disclosure of personal data
  • denial-of-service (DoS/DDoS) activity on a government system
  • website defacement
  • unauthorised use of government branding in phishing emails, and other forms of malicious cyber activity.

How do I report an incident?

To report an incident, you should:

Step 1:

Contact the Cyber Incident Response Service on 1300 CSU VIC / 1300 278 842 or email

Step 2:

As soon as you suspect any theft, loss, unauthorised disclosure of, or unauthorised access to, information within your organisation, you should immediately notify VMIA on 03 9270 6900 or 

If after hours, please contact one of our partner organisations on 1300 135 790, who will provide support within an hour of a reported breach.

Cyber Insurance Claims

As soon as you suspect any theft, loss, unauthorised disclosure of, or unauthorised access to, information within your organisation, you should immediately notify VMIA, or if after hours, our partner organisation. The sooner we know about an incident, the more we can do to help.

Please include the following in your notification:

  1. a short description of the incident
  2. the date the incident occurred (if known)
  3. the date your organisation discovered the incident
  4. whether you have already engaged DPCs Cyber Incident Response Service; and
  5. contact information for the designated breach coordinator.

Please do not include any personally identifiable information or protected health information.

At this stage in your investigation, please try to preserve all evidence and secure your IT systems. A VMIA Claims Manager will respond to the notice and schedule a phone call to discuss the incident and preliminary investigation. We recommend that key stakeholders within your organisation (those who will be involved in investigating the incident) be included in this phone call, but at a minimum, your designated incident response coordinator. 

Policy documents 

Cyber Policy Update

Changes made to the VMIA Cyber Insurance Policy for 2019-20 can be found here  

More information

For more information about your insurance policies, email us at