Cyber warning as threats increase

Risk management organisation AIRMIC, has issued a new guide to its members amid warnings that companies cannot afford to drop their guard over the threat posed by cyber risk.

As the association was holding its annual conference in Liverpool and its CEO warned that companies could not expect an off the shelf solution as the threat continued to evolve.

Julia Graham (pic) said: “There is no ‘one size fits all’ approach to addressing cyber risks with specific business circumstances varying greatly from organisation to another. It may be appropriate for organisations to consider accreditation or certification from a recognised body, such as Cyber Essentials, Cyber Essentials Plus or ISO270001. These accreditations may help an organisation, however, accreditation alone is not enough. Asking the ‘right’ questions before a problem arises, makes good management sense. This guide is an important contribution to our members who support their leadership, as they collectively navigate an increasingly complex world and associated governance responsibilities.”

The organisation has issued the new cyber guide which contains a series of steps it hopes can aid risk managers in creating a cyber strategy.

It comes after the World Economic Global Security Outlook concluded that “The potential cyber risks and vulnerabilities of these new technologies should be on minds of every leader when considering technology adoption and implementation.”

Graham added the challenge is how to translate leaders’ concerns about cyber security into constructive action at board level.

The publication aims to provide an insider’s guide to cyber risk and insurance for end users, and for board members in particular, she explained.

Twelve questions make up the core of the guide, focusing on practical issues that commonly arise.

“The answers are intended to provide general guidance as to the likely position, subject to the significant caveat that no two cyber risks or cyber insurance policies are the same,” stated the report.

“Although the UK Government National Cyber Security Strategy published in 2022 is government-led, the private sector and citizens are assigned responsibility to manage cyber risks,” it added. “The Strategy assumes that cyber risks will become pervasive, increasing the volume of personal and sensitive data generated and the potential impact if systems are breached.

“Against this backdrop, the threats in cyberspace will continue to evolve and diversify as high-end cyber capabilities become commoditised and proliferate to a wider range of states and criminal groups. The number of actors with the ability and intent to target the UK in cyberspace, and threat actors will employ a wider range of levers to conduct disruptive activity. “

Francis Kean, partner – financial lines, at broker McGill and Partners which co-authored the report added commented: “No directors can afford to ignore the ever evolving and expanding cyber threats posed to companies on whose board they sit. Given that most board members are not IT experts, how should they go about the task of assessing both the nature and level of these threats and the state of the company’s preparedness and resilience to meet them? We hope this Guide will prove a useful and practical tool to enable them to do this whilst at the same time providing some useful clarity both as to certain key definitions and expressions and as to the role cyber insurance can play in risk mitigation.”

Follow us on twitter: @risksEmerging

Twitter feed is not available at the moment.