Silence is Not Golden

By Michael R. Galin, Director - Risk Management,...

Silence is Not Golden

Thriving in the Face of Disasters

By Stephen E. Flynn, Ph.D., Founding Director,...

Thriving in the Face of Disasters

Critical Infrastructure Cyber Protection: Stronger Deterrence Helps but Isolation and Mitigation are Essential

By Bruce J. Heiman, Partner - Public Policy and...

Critical Infrastructure Cyber...

Policy Administration Automation

By Chris Madsen, Head of Global Underwriting...

Policy Administration Automation

Risks and Rewards in a Digital World

By Dominic Casserley, President and Deputy CEO, Willis Towers Watson

Risks and Rewards in a Digital WorldDominic Casserley, President and Deputy CEO, Willis Towers Watson

Coordinated Response to Combat Digital Threats:

A coordinated response is necessary to combat threats arising from the digital revolution. This year is the 350th anniversary of the Great Fire of London, one of the largest urban fires in history. Caused by a flying spark in a bakery, the fire destroyed a third of the city, and made 100,000 people homeless.

Increased risk of fire was one of the significant negative consequences of urbanization, arriving alongside, a set of new economic and social opportunities enabled by the growth of cities.The risks that came with urban expansion were serious, but did not dissuade people from city living. Instead, society captured the massive benefits through risk mitigation, including insurance.

When it came to urban fire, our response was multi-faceted. Every intervention we made was necessary, and none was sufficient on its own. For example, governments required building in brick and stone, not wood, with other building codes following. Local authorities established fire brigades. People stopped heating with open fires in their homes. We developed fire insurance.

Deployed in combination, these moves allowed cities to thrive, while fire risk declined dramatically. Indeed, our joined-up response to urban fire offers a parallel solution for how we might address one of today’s most pressing issues: the cyber opportunities and threats arising from the digital revolution.

By 2026, five billion people will be connected through four billion smartphones and 50 billion connected devices. Our connectivity has created an explosion in digital data–2.5 quintillion bytes every day, on social media, email, online purchasing, browsing, and by machines talking to machines in the Internet of Things. Connectivity is driving social progress. Businesses are mining new seams of innovation. The possibilities seem limitless. But with transformation, new opportunities are balanced by new risks.

Governments and cities fear cyber attacks could disable critical infrastructure, imperil national security and threaten the economy. Intangible digital assets are at risk from economic espionage, while privacy breaches, cost money and loss of business. On top of the commercial consequences, cyber attacks damage a company’s reputation and leadership. No wonder that our clients tell us that cybersecurity is at the top of their agendas.

So how do we manage these risks to unlock the full benefits of digitization? The answer is to adopt an integrated approach for building cyber security, one in which organizations in the public, private and social sectors adopt a package of risk mitigation measures–a truly joined-up response to the growing cyber threats.

Priority Cyber Risk Check-list:

To respond to the risks inherent in our interconnected world, businesses must be both preventive and protective. Six priorities should be on every company’s integrated “cyber risk check-list”:

• Ensure enterprise-wide governance is in place.
• Assume hackers are already inside.
• Invest in making your whole workforce cyber-smart.
• Consider technology one of several lines of defense.
• Insure for cyber threats that you can’t mitigate.
• Allocate enough capital to the right cyber defenses–protect your crown jewels.

Enterprise-Wide Governance:

A cyber strategy should be led from the ‘C-Suite’. It needs to be managed on a whole-enterprise basis, with collaboration across corporate functions. The senior executive who orchestrates a cyber strategy should combine commercial nous and the relevant understanding of IT, HR, legal and reputational issues.

Assume Hackers, Already Inside:

We need to assume not only those hackers are trying to get in, but they are already inside our companies’ data. Tackling the enemy within requires different measures from trying to keep them out. Organizations should initiate regular stress-testing of data to improve detection, and invest in measures to make it less financially rewarding and more time-consuming for hackers to attack in the first place.

A cyber strategy should be led from the ‘C-Suite’. It needs to be managed on a whole-enterprise basis, with collaboration across corporate functions

 

Invest in Making the Workforce Cyber-Smart:

Investing in enterprise-wide cyber-security training is expensive, but a vigilant workforce is a vital protection. It means offering a combination of rewards and disincentives, encourages a culture supportive to cyber security. Not all training will deliver 100 Percent perfection, but it can improve prevention.

See Technology as One of Several Lines of Defense:

IT solutions are often the first port of call for organizations looking at cyber defense. It’s important to understand that technological defenses are critical, but not sufficient response on their own.

Insure for Cyber Threats We Cannot Mitigate:

While insurance is an old and experienced industry, the cyber risk market is young and because these risks are hard to quantify, insurance companies’ willingness to put capital at risk is currently constrained. No doubt the market will broaden and deepen over time, but we have to become better at understanding and quantifying cyber risk, its financial and non-financial impact.

Allocate Enough Capital to the Right Cyber Defenses:

Companies need to understand, quantify and provide for their greatest cyber exposures. This starts with identifying critical assets to create a critical digital asset register. These are assets which impact on financial stability, customer relationships, and regulatory compliance and trust. They might include infrastructure, data, applications, or services supplied by third parties. We are in the middle of a technological revolution in the way we live and do business. It’s a very young revolution, with amazing opportunities and substantial risks. Some argue that the solution lies in technology, and the others in institutions, human behavior and insurance. We think it’s all of those things coming together. By bringing together institutional responses and technological solutions, by influencing human behavior, and developing the insurance market, we can distribute cyber risk and enjoy the promise of a connected future. 

How AI is Transforming Healthcare

By David Hogan, Sr. Director Enterprise, NVIDIA

How AI is Transforming Healthcare

What's Needed to Bring More Digital Retailing Solutions to Life

By Jennifer "Jenn" Reid, Vice President -...

What's Needed to Bring More Digital...

Build a Cyber Security Ecosystem to Reduce Risk in the Public Sector

By Jonathan Behnke, CIO, City of San Diego

Build a Cyber Security Ecosystem to...

Challenges with Fire & Airflow Containment in Mission-Critical Facilities: Data Center Focus

By Chris Kusel, CFPS, CDT, Director of...

Challenges with Fire & Airflow...

follow on linkedin follow on twitter Copyright © 2019 www.enterprisetechnologyreview.com All Rights Reserved | Privacy Policy
Top