Ignorance no longer a cyber defence

Ignorance no longer a cyber defence

Ignorance no longer a cyber defence Ignorance is no longer a defence for companies who have been the victims of a cyber attack as the coverage is expected to pick up speed over the coming years.

Cyber is no longer an issue for the IT department as boards of directors can and will be held responsible for breaches around the world as global regulations change to match the evolving threat of cyber attack.

Lambros Lambrou, a member of the Global Aon Risk Solutions operating committee as well as CEO for the business in Australia and a member of the Pacific board of the company, said that.

“One of the things that is tricky with cyber, which could be analogous to D&O many years ago when that first came out is that clients don’t necessarily want to share the ins and outs of data breaches that have happened because it is private and some of it is confidential,” Lambrou told Insurance Business.

“We actually live in a much more open world in terms of information nowadays so I think the interesting thing with cyber is that while the data and insight around specific issues needs a lot more work I think the general level of awareness around cyber in terms of the expected level of general awareness has gone up because ignorance is no longer a form of defence.”

Many regard the attack on US retailer Target as a tipping point which saw executives realise the true impact a cyber attack could have on a business as directors and officers were sued by a number of shareholders in the aftermath of the attack.

With little modelling data available for insurers looking to enter or remain profitable in the cyber market, Lambrou said that the industry should look to invest in predictive analytics as a way to improve their risk outlook in the cyber market.

“The industry in and of itself is getting much, much better not just at identifying risk but also quantifying them and how they behave,” Lambrou continued.
“One of the things that is a little different today than perhaps twenty years ago is the shift in modelling risk based on history to moving more to predictive analytics which is more about understanding what the future might look like.

“I think the advances made around predictive analytics helps, if you were reliant solely on historical data, you’d struggle with cyber as you’ve got no real history to work to.”


Related stories:
Chubb leader reveals cyber trends to watch
AIG Malaysia links up with IT security firm to provide cyber coverage