A security breach is any incident that compromises the confidentiality, integrity, or availability of information assets through unauthorised access, malware infection, denial-of-service attacks, or other means. This broad term encompasses external intrusions such as hacking, ransomware and social engineering; insider threats from malicious or negligent employees; third-party compromises involving suppliers or cloud providers; and physical breaches including device theft or improper disposal. Under Australian law, an "eligible data breach" as defined by the Privacy Act occurs when unauthorised access or disclosure is likely to result in serious harm, triggering mandatory notification obligations and potential regulatory action.For cyber insurance purposes, coverage typically requires actual or reasonably suspected compromise (not mere vulnerability existence), potential for harm or business disruption, and discovery during the policy period. Insurers generally require compliance with policy conditions including timely notification and maintenance of specified security controls. Coverage scope commonly encompasses forensic investigation costs, legal and regulatory defence expenses, notification and credit monitoring services, crisis management, business interruption losses, and third-party liability claims. For APRA-regulated entities, CPS 234 mandates specific detection and response capabilities to identify and limit breach impact, making robust incident response planning both a regulatory requirement and insurance prerequisite.