Cybersecurity entered the 2015 Global Risk Management survey’s Top 10 list of global risks for the first time last year. The escalating risk of cyber attacks is compounded by other key risks, according to a recent Aon survey of global risks.
Risk management professionals around the globe are grappling with significant challenges, including cybersecurity, insuring against cyber attacks, and a growing interdependence of all risks. These are among the findings of an annual global risk survey conducted by Aon, a leading global provider of risk management and insurance services in over 120 countries.
Cybersecurity Hits Top 10 Risk List
Several factors contributed to the rise of cybersecurity to a Top 10 position for the first time. Among them is the ever-expanding number of high-profile cyber attacks. According to PricewaterhouseCoopers, the number of detected cyber attacks skyrocketed in 2014—up 48 percent from 2013. They were expected to go up further in 2015, to roughly 117,000 attacks each day.
In the U.S., there are countermeasures in place to fight against these increasing threats. For example, the Obama administration has formed a new agency charged with sharing intelligence on cyber attacks. On an international stage, the U.S. and U.K. governments have also recently committed to work together on establishing “cyber cells” and “cyber war games.”
But the battle is just beginning.
Commercial Insurers Struggle with Cybersecurity
Insuring against cybersecurity is emerging as the next big hurdle for insurance companies, according to the report. In particular, “one of the dangers facing the insurance industry is the potential for a cyber hurricane, an event that could impact multiple lines of businesses, geographies, and industry sectors.”
Among the challenges for insurers is the mercurial nature of cyber risk, which is “fast-moving, impossible to predict, and difficult to understand. Yet, the damage can be immense.” The annual cost of cyber crime and economic espionage to the world economy runs as high as $445 billion, according to the Center for Strategic and International Studies. The figure does not include the intangible damage to organizations.
Last year, the insurance industry took in U.S. $2.5 billion in premiums on policies to protect companies from losses resulting from hacks, according to the report. But “how is it possible to cover the (cybersecurity) exposure of every company in the world and how do you quantify such exposure?” the report asks.
Risk Interdependence Exposed
Compounding these risks is the growing interdependence and interrelationships of all risks, stated the report. For example, a personal data breach can damage companies’ reputation. “The connection between these two risks has been felt around the world in 2014, as a rash of data breaches demonstrated the fragile nature of consumer trust in leading corporations.”
What’s more, damage to reputation and brand has emerged as the top-ranked risk in the 2015 survey. The interconnected nature of cyber risk is underscored by two other risks in the top 10—the failure to attract and retain top talent and the failure to innovate.
10-Point Strategic Risk Assessment
The Aon survey’s findings about cybersecurity risks speak to one overarching question companies should ask themselves: Do we have the right program in place to reduce the frequency and severity of cyber risks in our organization?
The Clearwater Compliance assessment identifies all sources of information risk and liabilities, and delivers a tailored, prioritized roadmap for solution implementation. The plan provides in-depth insight to support sound decision-making and justification for the expenditures required to safeguard and control an organization’s network and data.
We have assisted more than 400 customers to operationalize and mature their information privacy, security, compliance and information risk management programs. And in the process, we are raising the bar for safeguarding PHI, protecting millions of Americans and driving real value for the organizations we support and the healthcare industry at large.