Skip to main content
Journal Magazine: Informing Workplace and Facilities Management Professionals - return to the homepage Journal magazine logo
  • Search
  • Visit Journal Magazine on Instagram
  • Visit Journal Magazine on Twitter
  • Visit @Journal_Mag on Facebook
Visit the website of the Chartered Insurance Institute Logo of the Chartered Insurance Institute

Main navigation

  • Home
  • News
  • News analysis
  • Features
  • Study Room
    • A-Z
    • Question and Answer (Q&A)
    • Study Room Features
  • Opinion
  • CII Radio
  • Events
  • Digital Magazine
Quick links:
  • Home
  • Regulars
  • Hot Topics

The danger increases

Share on
  • Twitter
  • Facebook
  • Linked in
  • Mail
  • Print
Open-access content 8th March 2018

Article hero image.

Liz Booth examines two recent incidents that have raised the stakes on cybersecurity.

It seems we see warnings about cyber risks almost daily but, in recent times, a couple of these warnings have stood out. First, it was the news that hackers have infiltrated computer chips and potentially have access to millions of devices worldwide; then came the latest news about the cost of a major cloud provider failure. This all comes as Europe prepares for the implementation of the General Data Protection Regulation (GDPR) which, for the first time, puts the price of a data breach at 4% of global turnover. As one insurance broker was quoted as saying: "It is the first time we can truly quantify the potential claims cost."

ECONOMIC IMPACT

Earlier this year, Lloyd's, in partnership with risk modeller AIR Worldwide, launched a new report, Cloud Down -- The Impacts on the US Economy, which analyses losses for 12.4 million US organisations following the failure of a cloud provider, and proposes an alternative approach to help insurers model these risks, which are typically harder to assess than other perils like natural disasters, due to the complex and highly interconnected nature of the digital world.

In the report, it is revealed that companies outside of the Fortune 1000 -- who are more likely to use cloud provider services -- would carry a larger share of the economic and insurance losses than Fortune 1000 companies. However, the biggest 1,000 companies in the US would still carry 38% of economic losses.

KEY REPORT FINDINGS INCLUDE:

  • An extreme cyber incident that takes a top cloud provider offline in the US for three to six days would result in economic losses of $15bn and up to $3bn in insured losses;
  • Businesses outside the Fortune 1000 would carry 63% share of economic losses and 57% of insured losses -- indicating that they are at the highest risk;
  • Fortune 1000 companies would carry 37% of economic losses and 43% of insured losses;
  • Like any model result, these figures have uncertainty and AIR estimates a 95% confidence interval of $11bn--$19bn around the central estimate of $15bn. If a top cloud provider went down:
  • Manufacturing would see direct economic losses of $8.6bn;
  • Wholesale and retail trade sectors would see economic losses of $3.6bn;
  • Information sectors would see economic losses of $847m;
  • Finance and insurance sectors would see economic losses of $447m;
  • Transportation and warehousing sectors would see economic losses of $439m.

Only a few days before the cloud provider failure report, warnings had come of the increased cyber threat after it emerged major computer firms were battling to patch a security breach in their computer chips.

Matt Sumpter, underwriting director, technology and cyber risks, CNA Hardy, warns: "Personal and business systems may be affected and given the issue appears to extend to cloud providers, there may be an immediate threat, particularly to businesses large and small that use cloud-based data centers or webhosting to run their businesses."

However, there is a silver lining, he believes: "In a sense the timing is fortunate -- if this had happened [after] the implementation of GDPR, which comes into effect in May, the ramifications of this failure could have been much wider.

"This incident reinforces the need for companies to stay vigilant. A security strategy that ensures IT assets are expertly managed has never been more critical in the defence against cyber exposure and the related business continuity and revenue risks."

You may also be interested in...

  • Interrupt response time
  • The bad habits of AI
  • It's coming, ready or not
Filed in:
Hot Topics
Share
  • Twitter
  • Facebook
  • Linked in
  • Mail
  • Print

Most-Popular

 

 

BECOME A MEMBER

BECOME A MEMBER

SUBSCRIBE TO PRINT

SUBSCRIBE TO PRINT
The-Journal_NEW.png
​
FOLLOW US
Twitter
Facebook
Youtube
CONTACT US
Tel: +44 (0) 20 7880 6200
Email
Advertise with us
​

About the CII

About us
Membership
Qualifications
Events

The Journal

Digital magazine
Podcasts
Blog
News

General Information

Privacy Policy
Terms & Conditions
Cookie Policy

Get in touch

Contact us
Advertise with us
Write for The Journal
Want to receive The Journal?

The Journal Magazine is © 2020 Redactive Publishing Limited

All rights reserved.