A global leader in cyber risks, who is based at Marsh
HQ in New York, has discussed his views on the subject after a visit to the New Zealand office last month.
Bob Parisi, managing director and national cyber risk product leader in the US, said the driver behind cyber was essentially people, processes and procedures.
He said the evolution of cyber risk had shifted just in the last three years to a dual pronged exposure and was no longer just a pure privacy or data breach exposure.
Cyber risk boiled down to two basic things, he said: “The risk of handling or collecting confidential information is one aspect.
“The other aspect is being reliant upon or dependent upon technology in the operation of your business.
“All cyber risk flows from those two things.”
The other evolution was the move from cyber risk as an IT risk to one for the boardroom as an operational risk with the size of the enterprise in question being irrelevant.
“Some of the larger breaches that have occurred in North America were by attacks based upon the SMEs used then as a bootstrap into their larger trading partners,” Parisi said.
He added: “Cyber risk is borderless. The risk of utilising technology and that technology causing harm or risk doesn’t look at country borders.
“And what we’ve seen over the last 10 years is a consistent drum beat by the traditional P&C markets that they want cyber risk to be handled by cyber risk policies.”