Zurich research finds cyber risks have potential to threaten the Australian automotive and transport industry sectors
Produced in collaboration with international think tank the Atlantic Council, a recently published report: Beyond Data Breaches: Global Interconnections of Cyber Risk looks at how rapidly evolving and far reaching advances in technology are making the true cost of such a disaster largely unknowable, even to experts.
The recent Heartbleed data security scare has shown that even those who were previously thought to have strong security might be vulnerable if they are not vigilant. Heartbleed is a security vulnerability in OpenSSL, a popular, open-source protocol which encrypts vast portions of the web and is used to protect usernames, passwords and sensitive information.
The report identifies seven categories of cyber risk, ranging from internal IT malfunctions and illegal entry by criminals to wide scale external shocks to internet infrastructure that can be felt on a global scale.
Earlier this year, Data Breach Today also revealed that the rate of institutional data breaches are on the rise and pose a serious risk to businesses. In fact, 2013 was the worst year for theft of private data so far with 740 million data files potentially viewed or stolen worldwide.
As the heavy manufacturing industry becomes increasingly reliant on interconnected communications technologies, Zurich's Senior Risk Engineer, Mervyn Rea says the very real risk of a cyber violation should not be overlooked.
"The loss of secured data could severely impact the transportation and automotive service sectors. Companies could face severe liabilities for security breaches that lose customer or employee data or valuable intellectual property that needs to be kept secret to maintain competitiveness."
"Current cyber risk management predominately focuses on an organisation's internal servers and firewalls. Counterparties, outsourcing or contractual partners and supply chains all have access and the ability to cause major disruptions that could have a catastrophic result," he warns.
Mervyn says Zurich is seeing an increasing reliance on technology in the transport sector. Everything from dispatch, consignment of goods and recording of working hours is being collected, uploaded, documented and monitored in real-time with technology, along with a rise in the use of Telematics which has led to better productivity, fleet utilisation, track and trace, fuel efficiency, maintenance management and driver safety. However, all this data could be vulnerable to cyber attack and means additional safeguards must be taken to avoid fraudulent or unintentional loss of critical data.
"Losing vital data for truck and goods movements, driver hours and engine diagnostics has the potential to cause anything from minor disruptions to major incidents and can create significant reputational concerns with the customers of haulage companies."
"We are also seeing an increase in the reliance on technology from the manufacturing and service sectors on transport. As more customers look to purchase their goods online and have them delivered to their doors, real time track and trace technology is fundamental to both the customer and the supplier. If a business was to lose that data through a cyber attack the fall out could affect future business and be damaging to the brand and reputation of the transportation part of the delivery cycle," says Mervyn.
Head of Motor, Khoder Chehade says the impact of a cyber attack can have wide-reaching ramifications in the Australian automotive industry.
"One example is the disruption to the supply of parts by manufacturers to the repair and vehicle maintenance industry following a collapse in IT infrastructure. The business interruption to those customers and potential risk of losing customers to competing manufacturers as a result will be hard felt in an already extremely competitive market, not only to their reputation but bottom line. It's important for automotive businesses to build resilience and the ability to bounce back from disruptions to make them as short and limited as possible."
Khoder adds that when it comes to cyber safety, the transportation and automotive industries have a number of key recommendations to consider.
"Don't be afraid to embrace technology, but carefully manage the risk and improve basic cyber security. Risk management planning should look beyond the four walls of the business and extend to include external counterparties."
"Australian automotive and transport businesses can mitigate the impact of cyber breaches on their IT systems by taking out appropriate cyber insurance. Zurich policies insure against eligible third-party risks most commonly associated with data breaches or business interruption."
For further information contact:
Head of Marketing, Communications & Customer, General Insurance
Zurich Financial Services Australia Limited
Level 3, 5 Blue Street, North Sydney, NSW 2060
Phone: +61 (02) 9995 1368
Zurich Insurance Group (Zurich) is a leading multi-line insurer that serves its customers in global and local markets. With about 55,000 employees, it provides a wide range of general insurance and life insurance products and services. Zurich’s customers include individuals, small businesses, and mid-sized and large companies, including multinational corporations, in more than 170 countries. The Group is headquartered in Zurich, Switzerland, where it was founded in 1872. The holding company, Zurich Insurance Group Ltd (ZURN), is listed on the SIX Swiss Exchange and has a level I American Depositary Receipt (ZURVY) program, which is traded over-the-counter on OTCQX. Further information about Zurich is available at www.zurich.com.