Many companies are unknowingly vulnerable to data leakage, phishing attacks, trojans or advance persistent threats, according to a new report from Lloyd's and technology company HP.

Digital risk management must be a board-level concern for business as the range, frequency and scale of cyber attacks increases, said the report, “Managing digital risks: trends, issues and implications for business.”

The report warns that as businesses become more reliant on technology, they will face more complex and damaging digital attacks as sophisticated attackers quickly adapt their methods to steal from, disrupt and spy on businesses.

Lloyd's Chairman Lord Peter Levene said in a statement: “A discussion of digital risks should be on the agenda of board meetings everywhere as cyber attacks become more frequent, more creative and more disruptive. Cybercrime is an international business aided by those countries without the legislative framework to tackle it.”

While most of the digital risks that companies face, such as extortion and stolen information, are similar to risks they have always known, technology has increased the speed at which these risks can occur and amplified their impact, the report said.

Lord Levene said in a forward to the report that “attacks on companies in one country can emanate from the other side of the world, while some countries are effectively 'cyber sanctuaries,' where criminals can operate free from cybercrime legislation.”

The study points out that as part of the overall digital risk management strategy, companies should consider the growing number of cyber-risk insurance products and solutions that can transfer these risks to third parties. Although difficult to measure, the current market for cyber insurance is estimated to be about $600 million, a 16-25 percent increase from 2009.

Most digital risk mitigation typically happens within the IT department. However, risk managers, technology experts and other stakeholders need to be more involved in the process in order to bring broader business perspectives to the decisions that are made.

Prith Banerjee, senior vice president of research at HP and director of HP Labs, said the real challenge for risk managers “is to determine how to effectively monitor digital risks in order to decide how seriously they should be considered.”

Specifically, for risk managers, the report recommends:

o Setting up a working group of technology experts and key stakeholders across the business to monitor and review business risk exposure.

o Becoming more involved in IT governance and strategy.

o Ensuring applicable standards are used to manage digital risks.

o Considering risk transfer solutions as part of an overall digital risk management strategy.

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.