Australia is suffering from a ransomware epidemic and IT providers are increasingly being affected by both platform/supply chain and direct attacks.

IT providers (in particular managed services providers) are an attractive target for direct attacks, given the potential knock-on impact to their clients and a likely increased motivation to pay the ransom.

These attacks are increasingly leaving IT providers at risk of claims made by clients who are victims of the breach. Claims can arise from allegations of negligence, breach of contract or breaches of consumer law.

Technology liability specialists Kieran Doyle and Stephen Morrissey have suggested ten ways IT providers can help themselves avoid being held responsible for a direct or indirect cyber breach.

Read the update in full below.