Lucien Mounier, head of Asia Pacific, Beazley

Businesses need to be ‘battle-ready’ for cyber attacks

Lucien Mounier, head of Asia Pacific, Beazley

July 17 2019

The threat of cyber attacks on businesses in Asia ranks higher than elsewhere in the world (1) and this comes as no surprise. The region is home to some of the most tech-savvy nations including key business hubs in Asia – China, Hong Kong and Singapore.

In addition to being home to several global and multi-national companies, China and Singapore are also among the top 20 most start-up friendly countries in the world along with India, Malaysia and South Korea (2) – China accounted for 38% (3) of the world’s venture capital and Singapore captured a growth of 1500% in venture capital funding since 2010 (4).

While businesses in Asia are undergoing digital transformations with the aim of improving their effectiveness and efficiency, hackers, too, are getting more sophisticated and unpredictable. Asia reported the highest number of cyber threats, which accounted for 40% of global ransomware attacks and faced a total economic loss of US$1.75 trillion in 2017 (5).

What’s even more alarming is cyber security consultancy Mandiant reported that the median length of time taken for a business in Asia to detect a cyberattack is 498 days – 4.9 times longer than the global median time (6).

As cyber criminal activities thrive in the region, parts of Asia’s economic growth could be impacted through a lack of preparedness. Beyond the immediate effects of a cyber incident such as business interruption costs, decreased confidence from potential investors and threats to global supply chains are some of the repercussions that organisations in the region could face.

Cyber risks no longer remain solely the responsibility of the IT department, they are now a C-suite issue with the potential to impact a company’s reputation and financial health.

Low take-up rates of cyber insurance in some areas of the region are often due to key reasons such as the mismatch of needs and coverage between businesses and insurers; a lack of understanding by clients on the available coverage; and low maturity to information security.

There is arguably a larger, more proactive role for the insurance industry to play in complementing businesses’ cybersecurity strategies and providing more risk management support to clients before, during and after a cyber event. Insurers, brokers and regulators have an important role to play in helping to educate business stakeholders beyond IT departments on the various types of cyber-risks ranging from malicious attacks to human error.

At the same time, these groups can advise businesses on the associated financial and reputational impact and risk-transfer solutions available to support them in the event of an incident. Leveraging publicly available data such as white papers and reports, similar to Beazley’s quarterly breach insight report, is essential to help understanding of the various risks and scenarios.

Adapting to the ever-changing cyber landscape

Businesses and insurers that stay abreast of technological advancements and digital disruption are better positioned to understand and even predict new risks, which can improve the accuracy of organisations’ risk exposure models. This, in turn, helps insurers design more innovative cyber insurance products and services to cater to the organisations’ specific needs.

Because of the complexity and rapidly changing nature of cyber risk, it can be difficult for general insurers to provide a solution for clients on their own.

One solution for insurers that do not have the in-house expertise or the data is to identify a cyber insurance specialist to collaborate with in order to develop an offering through a partnership model that can be available along with their other products.

Cyber threats require a holistic response and a robust risk management strategy that ensures organisations are aware of preventative measures they can take, and know how to respond if they do suffer a breach.

 

 

 

 

 

References

(1) Marsh 2017 Cyber Risk in Asia Pacific – The case for greater transparency

(2) CEOWorld Magazine, January 2 2019, Most start-up friendly counties in the world 2019

(3) Forbes, January 14 2019 China Rises To 38% of Global Venture Spending in 2018, Nears US Levels

(4) Nikkei Asian Review, October 24 2018 South-East Asian tech hubs race to become the next Silicon Valley

(5) Channel News Asia, May 18 2018 Singapore firms incurred S$23.8b economic losses from cyberattacks last year

(6) Mandiant, M-Trends 2018

MORE FROM: Comment