Cyber Attacks A Board-Level Concern, Lloyd's, HP Report

Many companies are unknowingly vulnerable to data leakage, phishing attacks, trojans or advance persistent threats, according to a new report from Lloyd's and technology company HP.

Digital risk management must be a board-level concern for business as the range, frequency and scale of cyber attacks increases, said the report, "Managing digital risks: trends, issues and implications for business."

The report warns that as businesses become more reliant on technology, they will face more complex and damaging digital attacks as sophisticated attackers quickly adapt their methods to steal from, disrupt and spy on businesses.

Lloyd's Chairman Lord Peter Levene said in a statement: "A discussion of digital risks should be on the agenda of board meetings everywhere as cyber attacks become more frequent, more creative and more disruptive. Cybercrime is an international business aided by those countries without the legislative framework to tackle it."

While most of the digital risks that companies face, such as extortion and stolen information, are similar to risks they have always known, technology has increased the speed at which these risks can occur and amplified their impact, the report said.

Lord Levene said in a forward to the report that "attacks on companies in one country can emanate from the other side of the world, while some countries are effectively 'cyber sanctuaries,' where criminals can operate free from cybercrime legislation."

The study points out that as part of the overall digital risk management strategy, companies should consider the growing number of cyber-risk insurance products and solutions that can transfer these risks to third parties. Although difficult to measure, the current market for cyber insurance is estimated to be about $600 million, a 16-25 percent increase from 2009.

Most digital risk mitigation typically happens within the IT department. However, risk managers, technology experts and other stakeholders need to be more involved in the process in order to bring broader business perspectives to the decisions that are made.

Prith Banerjee, senior vice president of research at HP and director of HP Labs, said the real challenge for risk managers "is to determine how to effectively monitor digital risks in order to decide how seriously they should be considered."

Specifically, for risk managers, the report recommends:

o Setting up a working group of technology experts and key stakeholders across the business to monitor and review business risk exposure.

o Becoming more involved in IT governance and strategy.

o Ensuring applicable standards are used to manage digital risks.

o Considering risk transfer solutions as part of an overall digital risk management strategy.

Top Story

Ferguson burning: 9 scenes of property damage in the wake of the riots

A grand jury in Ferguson, Missouri on Monday declined to indict a local police officer in the August 2014 shooting death of 18-year-old Michael Brown, setting off a night of violent riots in the suburban St. Louis community. Here's the aftermath.

Top Story

Ranked! Here's the safest minivan on the road, and the 4 that fall short

Minivans are the safest vehicles for families, right? Well, maybe not.

More Resources

Comments

eNewsletter Sign Up

Tech Digest eNewsletter

Technology related insights for insurance professionals including key developments, solution providers and news briefs from the carrier front – FREE. Sign Up Now!

Mobile Phone
         

Advertisement. Closing in 15 seconds.