- Annual global cyber losses are expected to reach US$6 trillion by 2021, with cyber security spending set to exceed US$1 trillion cumulative in the five years period leading up to 2021
- The Nordic market has been impacted by significant losses due to Cyber events with A.P Moller-Maersk ($250-300 million, Q4 2017 financials) and Norsk Hydro ($45-51 million, investor presentation) as the most notable
- With cyber events causing potential significant financial losses, reputational and brand damage, a fall in share price and downgrading of credit ratings, cyber should be at the top of any C-suite agenda
- The increased prevalence of cyber attacks makes this a ‘when’, not ‘if’, risk; many businesses are not doing enough to prepare
- A journey of constant improvement; in order to achieve cyber resilience, the C-suite must constantly look to improve its cyber risk-management strategy and processes.
Stockholm, 11 September 2019 – A new report, ‘Prepare for the expected: Safeguarding value in the era of cyber risk’ released today by Aon plc, the leading global professional services firm providing a broad range of risk, retirement and health solutions, has gathered views from cyber-focused leaders from businesses in EMEA to share lessons learned in building cyber resilient organisations.
Annual global cyber losses are expected to reach US$6 trillion by 2021, with cyber security spending set to exceed US$1 trillion cumulative in the five years period leading up to 2021. Businesses face financial loss in the form of immediate crisis expenses, regulatory fines, which have increased following the implementation of General Data Protection Regulation, and lost revenue resulting from an attack stopping the business from trading or disrupting core operations.
While the immediate financial costs of a cyber attack can be crippling for a business, the report suggests that of equal or even greater concern is damage to a business’s reputation. The reputational crisis resulting from an attack can erode a company’s market value, destroy brand loyalty, limit companies’ digital transformation efforts and even lead to a credit-rating downgrade. An effective cyber resilience strategy can help mitigate both immediate and long-term financial losses. A study conducted by Pentland Analytics and Aon found that a company’s preparedness to mitigate reputational risk and its management’s behaviour in the immediate aftermath of a crisis can have a notable impact on short and long-term share price reaction.
Michael Carr CCO / Søren Stryger Nordic Cyber Solutions Leader, Aon said: “Some companies still don’t fully understand the impact a cyber attack can have on a business. Understanding the worst-case scenarios and their impact to a business is crucial to developing an effective resilience strategy in which cyber is managed as an enterprise-wide risk across the entire organisation. The cyber threat is amorphous, and the technology it exploits is advancing at a dizzying pace, so the risk landscape is never going to stand still. The C-suite will have to aim to constantly improve its holistic cyber risk-management strategies to prevent, prepare for, and be able to respond to a cyber crisis. Ultimate responsibility for all risk management efforts resides in the boardroom.”
Aon’s report outlines four steps to building a cyber resilient organisation:
1.Take accountability. Cyber risk management must be an enterprise-wide effort, but accountability needs to sit at the very top of the organisation, with the board understanding the costs and consequences of a cyber attack.
2.Unite your business. Cyber risk is not just an IT security issue; it is a threat to the whole enterprise. It calls for a multi-discipline, multi-level response that involves every relevant stakeholder within the business.
3.Get ahead of the game. Businesses can no longer rely on bringing in a response team after an attack. Incident-response training is critical in preparing organisations for a cyber-attack and scenario-planning helps to understand operational vulnerabilities and threats.
4.Protect your balance sheet. Firms should look at how they are leveraging available risk transfer opportunities. Cyber insurance can help protect an organisation’s balance sheet by providing a financial pay-out after things have gone wrong and providing pre-loss prevention and post-loss services.
Nordic Cyber Solutions Leader: Søren Stryger, firstname.lastname@example.org
Cyber Specialist, Sweden: Magnus Flyrin: email@example.com
Cyber Specialist Sweden; Martin Spangenberg: firstname.lastname@example.org
Om Aon Sweden
Aon är ett av Sveriges ledande konsultföretag inom riskhantering för företag och organisationer genom risk managementtjänster, försäkrings- och återförsäkringsförmedling samt rådgivning och outsourcing inom Human Resources. Aon Sweden har ett starkt lokalt engagemang för sina kunder och ett globalt utbud av expertis och resurser.
Verksamheten etablerades 1992 och idag har Aon Sweden drygt 220 anställda i Stockholm, Göteborg och Malmö. Aon är certifierade enligt ISO 14001, den globalt erkända standarden för miljöledningssystem. Besök oss på www.aon.com/sweden/ för mer information.
Aon Sweden är en del av Aon Corporation som med drygt 50 000 medarbetare över hela världen levererar kundvärde genom innovativa, effektiva lösningar som hanterar företags och organisationers risker och ökar medarbetarnas produktivitet.