In a digitally transformed and hyperconnected business world, all industries are at grave risk of cyber attacks. But a robust risk, insurance and claims management framework could help mitigate the impact
Imagine a world where criminals could add fake cancerous cells to an MRI scan to discredit a politician standing in an election or where a laptop stolen from a construction site could lead to the theft of credit card and personal data of hundreds of thousands of consumers.
This is the reality of 21st century business – and the risks described will worsen for corporations as the world continues towards digital interconnectivity.
Companies in every sector rely heavily on the type of advanced technology, that only ten years before, might have seemed like something from a science fiction movie. Inventions such as artificial intelligence, the internet of things (IoT), virtual reality and drones have transformed the way we work, live and interact with the world.
Indeed, the benefits are plentiful – companies can penetrate markets that were once out of their reach. Productivity and efficiency have increased, while production and operation costs have declined. But the downside, of course, is that companies have never been so vulnerable to cyber risks – and the consequences of such attacks are more widespread than we could have ever predicted.
For instance, recent research by security firm Cyclance found that the healthcare system is bearing the brunt of ransomware attacks. These attacks grew threefold last year, and the healthcare sector now receives 34% of the threats.
This is unsurprising given the fact that medical data is increasingly kept online, and procedures and diagnostics rely heavily on new technologies. Everything – from hospital records and test results to lifts in hospitals – are now connected via the internet.
Carrie Campi, Esq. vice-president, North American claims group at Allied World, said: “Given the ever evolving nature of intrusion, healthcare related entities are at higher risk of internet connected devices being compromised by either losing confidential data or becoming inoperable possibly through some sort of attack. A disruption of use of these critical devices will result in lost business and possibly worse.”
MANUFACTURING AND CONSTRUCTION
It is not hard to find examples of the scale of cyber incidents in recent years. The WannaCry attacks in 2017, for example, infected thousands of computers globally and brought the NHS almost to its knees. In May, cyber security researchers said they had created a new malware that attackers could use to target a presidential candidate to get them to withdraw from an electoral race.
Of course, healthcare isn’t the only sector facing significant risks. Manufacturing and construction are two other industries that are particularly vulnerable. Research by Symantec showed that manufacturing was among the top three industries targeted by spear phishing attacks, for example.
Indeed, both sectors rely on technologies – smart machines, storage systems and production facilities – across multiple sites. Jason Glasgow, vice-president, US technology, privacy and network security practice Lead at Allied World, says: “Wearables and drones provide real-time monitoring and data collection, while virtual reality can create simulations of building designs. These technologies open a world of safety, training and efficiency opportunities, but also give malicious actors potential access to valuable information.”
This ‘flexible manufacturing’ is enabled by the ‘industrial internet’ and is expected to improve production and resource efficiency by 18% in the next five years, while also reducing costs by 2.6% each year, according to Symantec.
However, the interconnectivity means that companies are more vulnerable. In particular, any attacks that cause substantial delays to production or projects are likely to be extremely costly for both manufacturing and construction businesses.
There is also a significant risk surrounding the access that these firms often have to confidential client data.
Glasgow explains: “Compromised intellectual property such as building specifications and architectural drawings can provide a roadmap for criminals to gain access to valuable personally identifiable information (PII), including financial accounts and employee data.”
Read More: https://www.strategicrisk-asiapacific.com/latest-updates/cyber-resilience-in-the-digital-era/1430826.article