We use cookies to improve this site and enable full functionality. You can change your cookie settings at any time using your browser. Our cookie policy.

Global cyber losses expected to reach $6 trillion by 2021 - Aon

Global cyber losses expected to reach $6 trillion by 2021 - Aon | Insurance Business UK

Global cyber losses expected to reach $6 trillion by 2021 - Aon

Annual global cyber losses are expected to hit US$6 trillion by 2021, with cybersecurity spending projected to exceed a total of US$1 trillion for the five years leading up to 2021, according to a new report from Aon quoting statistics from Cybersecurity Ventures.

While the immediate costs of a cyberattack can be significant, Aon’s report suggested that damage to a business’s reputation could cost just as much or even more in the long term.

“The reputational crisis resulting from an attack can erode a company’s market value, destroy brand loyalty, limit companies’ digital transformation efforts and even lead to a credit-rating downgrade,” Aon said. “An effective cyber resilience strategy can help mitigate both immediate and long-term financial losses.”

“Some companies still don’t fully understand the impact a cyberattack can have on a business,” said Onno Janssen, Aon CEO of Risk Consulting & Cyber Solutions EMEA. “Understanding the worst-case scenarios and their impact to a business is crucial to developing an effective resilience strategy in which cyber is managed as an enterprise-wide risk across the entire organisation. The cyber threat is amorphous, and the technology it exploits is advancing at a dizzying pace, so the risk landscape is never going to stand still.”

Janssen said business leaders needed to prioritise defending against cyber risk.

“The C-suite will have to aim to constantly improve its holistic cyber risk management strategies to prevent, prepare for and be able to respond to a cyber crisis,” Janssen said. “Ultimate responsibility for all risk management efforts resides in the boardroom.”

Aon’s report outlined four steps for building an effective cyber resilience strategy:

  • “Take it to the top”: While cyber risk management should be an enterprise-wide concern, final accountability for understanding the costs and consequences of a cyberattack rests with the board.
  • “Unite your business”: Cyber risk is a threat to the whole business, calling for a multi-level response that involves every relevant stakeholder.
  • “Get ahead of the game”: Businesses shouldn’t wait for a cyberattack to happen before acting. Incident-response training is critical to preparing a business to respond effectively to an attack.
  • “Protect your balance sheet”: Cyber insurance can protect an organisation’s balance sheet by providing a financial payout after a cyberattack, as well as providing pre-loss and post-loss services.