Zurich: The Scary Risk: Cyber
Cyberrisk has become so big, so costly and so common that it's scary. As it continues to change and evolve, businesses both large and small are finding it more daunting to confront -- and infinitely more expensive.
The dimensions of even a relatively small cyber event can be breathtaking and multi-dimensional. Take two very different examples: In one, a company's network is hacked and customer data files are stolen; the other, an employee inadvertently left their laptop, with similar customer data, in a cab while rushing to a meeting. One is a network technology risk; the other is rooted in human error and human behavior -- yet both are cyber events.
The 2012 Ponemon Institute study, "The Cost of Cyber Crime: United States" concludes that the costs of a cyber attack continue to escalate and become even more expensive, especially if not resolved quickly. In 2012, it took an average of 24 days to resolve and cost $591,780 for a single attack, a 42 percent increase from 2011 when the average cost was $415,748. Worse, as the study also points out, "malicious insider attacks can take more than 50 days, on average, to contain," further increasing those costs. The cost of the same event can grow exponentially if the company's reputation comes under attack or it impacts their stock price.
"Any strategy to protect and mitigate the impact of a cyberrisk event has two important factors -- transferring what can be the enormous financial costs, and gaining access to the needed technical expertise and a response team that can reduce the immediate and long-term impact of the event on the organization," explained Lori Bailey, Global Head of Professional Liability for Zurich General Insurance. With a separate cyberrisk policy, even a small business can obtain important financial protection and access to the needed resources and response team, she added.
September 15, 2013
Copyright 2013© LRP Publications