Survey reveals top cyber concerns

Survey reveals top cyber concerns | Insurance Business

Survey reveals top cyber concerns
In today's digitally connected world where businesses face a myriad of cyber risks that threaten their reputation, profitability, and very existence, risk managers revealed that hacking events, phishing attacks, and malware were the threats they were most concerned about, followed by social engineering, data theft, and accidental data loss.

These were the findings in The Knowledge's Data Security Survey, published in association with Zurich, which asked Australian risk managers to rate nine cyber threats by their likelihood of occurring in the next 12 months and the estimated financial impact they would likely have on their business.

Search and compare product listings for Cyber Insurance from specialty market providers here

According to the Ponemon Institute, the cited risks were reflective of the most common types of attacks faced by businesses in the Asia Pacific. Elsewhere, losses due to DDoS attacks (use of compromised Internet of Things devices) and state-sponsored attacks have grown more frequent and severe.

Australian risk managers have gained increased awareness and concern over the potential impact of cyber intrusion and data loss thanks to two factors – the nature of the threat locally and the anticipation of new data breach notification rules, the report said.

There are also the cautionary reports about cyber incidents. These include the 2016 Australian Red Cross breach, the largest-ever known data breach in the country, which exposed more than 550,000 prospective blood donors online; and the massive hack at global credit reporting giant Equifax, which compromised 145 million Americans' personal information and even wiped off $3.5bn off the company's market value at one stage as a consequence.

Despite as being not as litigious as the US, The Knowledge noted that the respondents were clearly aware of the significant financial impacts both hacking events and data theft can have on their organisations, ranking them as first and second in terms of potential costs. Firms have also become more aware that such incidents can also lead to reputational losses and lawsuits implicating senior management.

To reduce the impact of cyber events, Dean Carrigan, managing partner at Clyde & Co., said organisations must have a tried-and-tested breach response.

“Organisations need a well-organised, clear plan to deal with cyber-attacks and data breaches,” Carrigan told the publication. “We have seen how valuable it is to have ready access to independent external experts.”

Eamonn Cunningham, former risk officer at Scentre Group, meanwhile, stressed that time is of the essence when dealing with cyber incidents.

“Unlike your conventional crisis, time is absolutely of the essence when it comes to a cyber-attack,” he told The Knowledge. “You often have just minutes to decide whether to take your system offline, for example.”

Related stories:
Are your clients putting the nation at risk of cyber war?
Travelers on the ‘unusual’ pace of the cyber insurance market