IT and Cyber Risk - ACE European Risk Briefing 2012
Almost every company today depends on communication, service or commerce delivered over the internet and other information networks. The scale of this reliance seems to be steadily growing.
Companies store ever-increasing quantities of sensitive personal and commercial information online, while developments such as cloud computing mean that their data is often no longer stored within the company’s own networks, but remotely.
Technology has been a powerful enabler of economic growth, helping small companies to become international and large companies to go global. But at the same time, it has created a new category of risks that can be severely damaging, yet are often poorly understood.
Cyber and IT risks are extremely varied. They range from the effects of mundane human errors, such as leaving a laptop on a train, right through to large-scale hacktivism, cyber-espionage or denial- of-service attacks. They can also be very costly and widespread.
According to one estimate, the cost of cybercrime globally in 2011 reached US $388bn, (around €300bn) with an individual falling victim to some form of online crime every 19 seconds. Any of these can have a wide range of business consequences including reputational damage, regulatory fines and the financial losses caused by business interruption.
￼￼￼￼￼￼￼￼￼￼￼Overall, in comparison with other risk categories researched by ACE, European companies rank IT and cyber risk relatively low on their list of priorities. It is seen as less important than terrorism, environmental and multinational risk,
for example. However, it is ranked as the second most important emerging risk by larger companies (cited by 29%) suggesting that multinationals and other businesses with turnover of over €800m are waking up to the risks.
Click below to view the whole report
You might also like ...
Deloittes have produced a video to illustrate how you can be hit by cyber attack. In a style reminiscent of the BBC series 'Spooks' in just 300 seconds it shows the principle steps in an attack and the measures that can embedded to protect organizations.