Skip to content

VMIA’s Cyber Insurance policy covers your organisation for expenses related to a breach to your network security.

Who's covered?

Your department, agency (or hospital) and its directors, officers and employees are all covered.

Many organisations handle personal and corporate data daily, whether it’s employee profiles, credit card information, sensitive demographic information or budget and funding information. In an ever-increasing legal and regulatory environment, our Cyber Insurance policy provides a risk transfer solution if your data is put at risk due to a cyber incident.

What’s covered?

VMIA’s Cyber Insurance covers first party expenses (incurred by your organisation in the event of a cyber incident) and third-party expenses (amounts your organisation is legally liable to pay to third parties, due to a cyber incident).

Protection for your organisation includes:

  • forensic team expenses
  • call centre expenses
  • public relations and crisis management expenses
  • restoring, recreating or re-collecting corrupted, damaged or deleted data
  • operational costs and additional costs incurred due to a computer security failure
  • notification costs due to notifying affected persons of a data breach and/or the Privacy Commissioner
  • data administration investigation costs, fines and penalties
  • upgrades to systems after an insured loss
  • expenses associated with replacing bricked systems and devices.

Protection for claims made by third parties includes:

  • theft, loss or unauthorised disclosure of personally identifiable or third-party corporate information
  • computer security failure resulting in corruption, alteration or destruction of data, or failure to prevent the transmission of a virus or malicious code
  • failure to comply with a privacy policy
  • cover for PCI fines and costs.

This is a brief overview of policy features only. For full details, please refer to the policy wording.

Reporting an incident

A Cyber Incident Response Service (CIRS) is available to all Victorian Government organisations. It’s a confidential service provided by Enterprise Solutions within the Department of Premier and Cabinet.

Enterprise Solutions will also analyse information received as part of this service to keep other Victorian Government organisations up to date about current threats and opportunities, to further protect their clients and services. This will be done at an aggregate level with no specific organisations identified.

Following this initial report to CIRS, organisations should notify VMIA of an incident as soon as possible.

What incidents should be reported?

  • suspected or confirmed malware or ransomware phishing emails that reach government employees
  • suspected or confirmed data breach
  • theft, loss or unauthorised disclosure of personal data
  • denial-of-service (DoS/DDoS) activity on a government system
  • website defacement
  • unauthorised use of government branding in phishing emails, and other forms of malicious cyber activity.

How do I report an incident?

To report an incident, you should:

Step 1:

Contact the Cyber Incident Response Service on 1300 CSU VIC / 1300 278 842 or email

Step 2:

As soon as you suspect any theft, loss, unauthorised disclosure of, or unauthorised access to information from your organisation, you should immediately notify VMIA on 03 9270 6900 or

For after-hours assistance, contact one of our partner organisations on 1300 135 790, who will provide support within an hour of a reported breach.

Cyber Insurance Claims

As soon as you suspect any theft, loss, unauthorised disclosure of, or unauthorised access to information within your organisation, you should immediately notify VMIA. If this occurs outside of working hours, please contact our partner organisation. The sooner we know about an incident, the more we can do to help. Please include the following in your notification:

  1. a short description of the incident
  2. the date the incident occurred (if known)
  3. the date your organisation discovered the incident
  4. whether you’ve already engaged DPC’s Cyber Incident Response Service
  5. contact information for the designated breach coordinator.

Please don’t include any personally identifiable information or protected health information.

At this stage in your investigation, try to preserve all evidence and secure your IT systems. A VMIA Claims Manager will respond to the notice and schedule a phone call to discuss the incident and preliminary investigation. Key stakeholders in your organisation (those who will be involved in investigating the incident) should be on this phone call, and at a minimum, your designated incident response coordinator.

More information

For more information about your insurance policies, email us at