The fastest growing peril faced by businesses today is cyber exposure. Firms are driven by data and are dependent upon technology.
Occurrences in 2017 highlighted cybersecurity issues. Furthermore, we were shown how vulnerable we are to the hacking of our personal information. Hospitals, voting records and school districts were targeted. Not only were US consumers the focus of the hackers but also another 150 countries.
Three hundred thousand computer systems across the globe were affected by the malevolent Wannacry, NotPetya and Equifax malware. They caused extensive business interruption losses.
Brad Gow, global cyber product leader at Sompo International has warned that a threat could come from a dozen different directions. Cyber experts view the industry as unprepared for cyber exposure due to a lack of experience and data. This is troubling in a continually evolving cyber risk environment.
The NotPetya malware was composed to attack corporate networks. It used a hacked version of a well-known accounting program in Ukraine. It destroyed data and filesystems within each computer.
Most of the attacks happened in Ukraine and Russia. Losses amounted to hundreds of millions of dollars within a few weeks. However, business interruptions continued for months.
Brad Gow said that fortunately, it had not been a true zero-day event. If it had been, this would have turned the cyber insurance market on its head. A zero-day attack happens when developers have not had time to fix a recently discovered software vulnerability. Therefore, there is time for hackers to take advantage of the security gap.
Equifax Inc. expects the 2017 data breach costs to top $275 million this year. Reuters has stated that this could be the costliest hack in corporate history.
In May 2017 WannaCry targeted computers running Microsoft Windows operating system. Data was encrypted and then Bitcoin ransom payments were demanded.
It appears that companies are taking cyber insurance more seriously since the above attacks.
Maersk, a transport and logistics company, lost more than $200 million due to the NotPetya attack. As a result, the company has said that they are taking cyber insurance coverage very seriously.