Zurich research finds Australian IT companies must prepare to face global internet failure
The report, Global interconnections of cyber risk: impact on the information technology industry’ , warns a single set of principles alone will be insufficient’ if anticipated global internet failures hit.
It finds that no company, not even in the IT sector, can completely secure themselves against interconnected and complex cyber shocks and comes at a time when statistics around the world already show a startling number of cyber security attacks.
In fact, in a 2013 presentation, IBM Security Services General Manager Kristin Lovejoy revealed the average company faced 2,641,350 security attacks every week. She stated that malicious code was the most common type of attack, with others including unauthorised access, denial of service, credentials abuse and a sustained probe or scan.
Zurich’s Chief Information Officer, Scott Watters, says the report sends a clear message to Australia’s IT industry to remain at its most vigilant.
“With its ongoing immeasurable complexity, the internet of tomorrow will undoubtedly be less robust and resilient than it is today, so it comes down to the companies and businesses that are most resilient and agile.”
“Those companies will shift from protection towards resilience. They will have a plan in place that allows them to bounce back from cyber disruptions. No matter how large the company, a relatively small set of actions can protect against most cyber risks – things like following standards for secure coding and implementing critical security controls devised by organisations such as The Council on Cybersecurity.”
Scott says another key method for companies to build resilience is for them to examine the most likely and dangerous cyber risks, and then ensure their Executives, Board security and response teams all practice their reactions should those risks ever eventuate.
“It is surprising how often this type of drill is overlooked, alongside the basic safety net of having the relevant insurance, as we found in another report released by Advisen which looked at cyber risk management practices in the Asia-Pacific region.”
That report, 2014 Network Security & Cyber Risk Management: A survey of enterprise-wide cyber risk management practices in the Asia-Pacific region, showed results consistent with similar surveys in Europe and North America, with 96% of respondents believing cyber risks posed at least a moderate threat to their organisation.
“The survey found that APAC companies are slower to adopt certain cyber risk management strategies, including threats associated with social media, cloud computing and mobile devices,” says Scott.
“Alarmingly, the report revealed that despite the vast majority of risk professionals, senior executives and board members acknowledging the threats to network and information security, less than one third of organisations surveyed currently had cyber liability insurance as part of their risk management strategy.”
“This mentality must change. Risk professionals need to talk to their broker or insurer and understand how they can protect themselves against specific risks. We know the market hears it all too often but reputational damage can be one of the most serious and lasting impacts of cyber risk. Just one attack on a vulnerable system can undo years of reputation and brand building,” says Scott.
A full copy of the report can be downloaded (pdf 3.25Mb).
For further information contact:
Head of Marketing, Communications & Customer
Zurich Financial Services Australia
Business ph: +61 (02) 9995 1368
Zurich Insurance Group (Zurich) is a leading multi-line insurer that serves its customers in global and local markets. With about 55,000 employees, it provides a wide range of general insurance and life insurance products and services. Zurich’s customers include individuals, small businesses, and mid-sized and large companies, including multinational corporations, in more than 170 countries. The Group is headquartered in Zurich, Switzerland, where it was founded in 1872. The holding company, Zurich Insurance Group Ltd (ZURN), is listed on the SIX Swiss Exchange and has a level I American Depositary Receipt (ZURVY) program, which is traded over-the-counter on OTCQX. Further information about Zurich is available at www.zurich.com.