Close
  • Home
  • Applications
      • Asset Management
      • Business Intelligence
      • CEM
      • Cognitive
      • Compliance
      • CRM
      • Data Center
      • E-Invoicing/E-Billing
      • Enterprise Communication
      • Enterprise Mobility
      • ERP
      • Facility Management
      • GDPR
      • Human Resource
      • Information Security
      • ITSM
      • Managed IT Services
      • MarTech
      • Payment and Card
      • Procurement
      • RegTech
      • Risk Management
      • RPA
      • Software Testing
      • Unified Communication
  • Verticals
      • Automotive
      • Casino Tech
      • Contact Center
      • Enterprise Startups
      • Field Service
      • FinTech
      • Healthcare
      • Legal Tech
      • PropTech
      • Telecom
      • Travel and Hospitality
  • Technologies
      • Agile
      • Artificial Intelligence
      • Augmented & Virtual Reality
      • Big Data
      • Blockchain
      • Cloud
      • Data Analytics
      • DevOps
      • Drone
      • HPC
      • IoT
      • Robotics
      • Smart City
      • Storage
  • Company Eco System
      • Adobe
      • Dassault Systemes
      • HPE
      • IBM
      • Microsoft
      • Oracle
      • Salesforce
      • SAP
  • News
  • conferences
  • Newsletter
  • Specials

  • Menu
      • Big Data
      • Blockchain
      • Casino Tech
      • CEM
      • Cloud
      • CRM
      • DevOps
      • Drone
      • Facility Management
      • GDPR
      • IoT
      • Legal Tech
      • Oracle
      • PropTech
      • RPA
  • Blockchain
  • Cloud
  • CRM
  • Drone
  • Facility Management
  • IoT
  • Oracle
Specials
  • Specials

  • Big Data
  • Blockchain
  • Casino Tech
  • CEM
  • Cloud
  • CRM
  • DevOps
  • Drone
  • Facility Management
  • GDPR
  • IoT
  • Legal Tech
  • Oracle
  • PropTech
  • RPA
×
#

CIO Applications Europe Weekly Brief

Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from CIO Applications Europe

Subscribe

loading
  • Home
  • Cyber Security
Editor's Pick(1 - 4 of 8)
left
The Tao of Cyber Security in today's reality

Marc DeNarie, CIO, NaturEner USA & Canada

Security and Compliance-Focused IT Approach-Key For Business Success

Daniel Hughes, CIO, Elementis Global

Cybersecurity in a Connected Government

Behzad Zamanian, CIO, City of Huntington Beach

Conducting Cloud Operations Economically

Scott Crowder, SVP & CIO, BMC Software

Service Driven Technology

Les Ottolenghi, EVP & CIO, Caesars Entertainment

Addressing Cyber Security Strategically

David L Stevens, CIO, Maricopa County

IT- A Game-changer in Cybersecurity

Tammy Moskites, CIO and CISO, Venafi

The Realities of Cybersecurity

Doug Mullarkey, CIO, First Choice Loan Services Inc.

right

THANK YOU FOR SUBSCRIBING

Behind the numbers - understanding cyber losses

By Mark Camillo, Head of Cyber, EMEA, AIG

Tweet
content-image

Mark Camillo, Head of Cyber, EMEA, AIG

Cybercrime is a fast growing, global business. 80 percent of global businesses suffer from a cyber breach each year and total damage to the global economy could reach $400 billion in 2017. Understanding the causes of cyber loss is critical to how businesses can think about both the prevention of attacks and the cure should they occur. Major data breaches and more recently, audacious Distributed Denial of Service (DDoS) attacks exploiting the Internet of Things (IoT), are the types of cyber intrusion that are most likely to capture headlines. But it is cyber extortion and ransomware that is one of the fastest growing cybercrimes, a trend that is captured by AIG EMEA cyber claims statistics from the period between 2013 through to September 2016.



Encryption ransomware extortion claims accounted for 16 percent of claims during that period, with a further 4 percent of claims relating to other cyber extortions.

Paying the price

People are sometimes surprised at how small some of the ransom demands are. Nevertheless, given the high frequency of attacks, extortion is a lucrative and relatively straightforward way of accessing ‘fast cash’ for cyber criminals. Malicious actors are thought to have generated around $325million in revenue over the past three years by using the CryptoWall code, according to research by the Cyber Threat Alliance, while the Cryptolocker gang made over $30million in 2015 using relatively simple ransomware. An explosion in different types of ransomware deployed in 2016 suggests that this form of cyberattack is only going to become more frequent.

Despite the growing risk of a cyberattack, a surprising number of companies are unprepared to deal with the threat


In the cases of cyber extortion, claims severity depends on the type of organisation, the level of business interruption caused and need for forensic investigation and system restoration. Ransom demands typically remain small. For example, one online retailer was subject to a DDoS attack, which resulted in their website being inaccessible or experiencing reduced performance. Prior to the attack they received an online message claiming that their website protection was extremely low and it would be taken offline unless a payment of £3,000 was made. Further ransom demands of £500 were made during the attack.

Largescale DDoS attacks are also a rising concern, up 138 percent year-on-year, according to Akamai’s latest State of the Internet/Security Report. In October 2016, a massive DDoS attack hit servers at domain name system provider Dyn, resulting in widespread disruption. The DDoS involved a botnet coordinated through tens of millions of connected devices including surveillance cameras, webcams, smart thermostats and even baby monitors infected with the Mirai malware.

For those affected by ransomware or DDoSattacks, business interruption (BI) costs are highest during peak trading periods. Half of the respondents to one recent survey revealed that they could lose over $100,000 per hour during critical periods – even if the initial ransom demand is low.

While business interruption currently accounts for just four percent of AIG EMEA cyber claims (with a further four percent of claims falling under system failure/outage), BI cyber claims are expected to increase in frequency and severity in the future. Rapid breach response is one way of mitigating the potential impact.

Regulation to drive data breach claims

Perhaps unsurprisingly, the majority of cyber claims currently emanate from industries that are required to notify customers if sensitive data has been compromised. But from 2018, under the General Data Protection Regulation (GDPR), all companies based in the EU and those based outside of the EU who process EU citizens’ data will be required to report a breach within 72 hours of it occurring – if that is feasible. There will be significant fines for those firms that have failed to protect data adequately. A company can be fined up to two percent of their global annual turnover for not having records in order, failing to notify the supervisory authority about a breach or failing to conduct impact assessments. Infringements that are more serious could merit a four percent fine.

It is anticipated the new data protection rules and headline-hitting data breach exposés will continue to drive greater demand for cyber cover. However, despite the growing risk of a cyberattack, a surprising number of companies are unprepared to deal with the threat. From our experience of working with companies – large and small – that have suffered from some sort of data breach, it is clear that it is not just being a victim of a breach that can cause damage to businesses, but also how a breach is handled. Many organisations are dealing with cyber claims for the first time and, even if they have the resources required to respond, they often do not know how to deploy them. Insurance plays a key role in not just offsetting costs when a cyber event happens, but also preventing an attack in the first place, and responding correctly to reduce damage when cyber security fails.
tag

cyber criminals

IoT

Read Also

Service Driven Technology

Service Driven Technology

Les Ottolenghi, EVP & CIO, Caesars Entertainment
Addressing Cyber Security Strategically

Addressing Cyber Security Strategically

David L Stevens, CIO, Maricopa County
IT- A Game-changer in Cybersecurity

IT- A Game-changer in Cybersecurity

Tammy Moskites, CIO and CISO, Venafi
The Realities of Cybersecurity

The Realities of Cybersecurity

Doug Mullarkey, CIO, First Choice Loan Services Inc.

Weekly Brief

loading
cxoinsights
Top 25 Cyber Security Companies - 2017
ON THE DECK

Cyber Security 2018

Top Vendors

Top Trending News

  • How can European Providers Outdo Global Cloud Computing Suppliers?
    How can European Providers Outdo...
  • How Europe Plans to Minimize 5G-Induced Risks
    How Europe Plans to Minimize...
  • Top 3 Tech Innovations Striding in the European HR Industry
    Top 3 Tech Innovations Striding in...
  • 4 Latest Enterprise Mobility Trends to Follow
    4 Latest Enterprise Mobility Trends...
View More ›

Copyright © 2019 CIOApplicationsEurope. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy |  Sitemap |  Subscribe |  About Us

follow on linkedin follow on twitter follow on rss
This content is copyright protected

However, if you would like to share the information in this article, you may use the link below:

https://cyber-security.cioapplicationseurope.com/cxoinsights/behind-the-numbers-understanding-cyber-losses-nid-42.html