Do you find yourself constantly reading about cyber-security attacks on individuals and businesses? Often reading regional statistics, national impacts and what individuals can do to prevent an attack? Have you seen the potential effect of a global attack? A coordinated global cyber-security attack could have an economic impact of up to $193bn.
As a result, cyber defence tools and appropriate insurance is essential for the possibility of a global cyber-attack.
The Cyber Risk Management Project Report included research on the definition of a cyber-risk, models for a cyber event, models for cyber loss and capability assessments for an attack.
However, what is left behind is insurance. The “lack of sound data, the rapidly changing cyber threat environment, developing regulation and policy landscape, and the global nature of cyber risk with potential for high accumulation risk, constrains the development of the current cyber risk insurance market” according to The Cyber Risk Management Project.
The Hypothetical Scenario.
Organisation’s devices are infected with malware which threatens to block access to files unless a ransom is paid.
The scenario focuses on an infected email. Once opened, the email is forwarded to call contacts. Statistics suggest that within 24 hours data will be encrypted on nearly 30 million devices worldwide.
This malware would impact companies from all sectors and of all sizes. They would all equally have to pay ransom. Overall, around 600,000 business would be affected.
What I found the most interesting was the projections for which industry would be affected the most:
- Retail would suffer the greatest global loss ($15-25bn)
- Healthcare ($10-25bn)
- Manufacturing ($9-24bn)
Furthermore, the US would be the greatest affected region. Europe would follow.
So, with this threat and cyber-security on the rise, you would assume that there is an adequate system for dealing with this disaster. I certainly did.
However, the report demonstrates that 86% of total economic losses would be uninsured. To put this in perspective, the insurance gap would be $166bn.
But is this likely to happen?
Yes, this could occur, but it is important to note that this is a worst-case scenario. Email security within a few companies would prevent the spread of this attack. Whilst phishing tools are becoming smarter, as are security systems.
However, this is a wakeup call for increased cyber-security in organisations.
The Global Effect
Overall, we are living in an interconnected world. There is a reliance on the global economy and connectivity which makes a global cyber-attack a greater possibility.
In the end, this has changed my assumption about global cyber-security and protection against digital attacks. In other ways, for me it has reaffirmed the importance of effective cyber-security regimes and systems for an organisation.
This is something which legislators and policy makers would have continuous inputs on. You would never be out of a job. It seems growing cyber-attacks are an inevitability. The best thing to do is prepare early and keep releasing reports like this one to scare people into action. It certainly scared me.