Skip to main content
Journal Magazine: Informing Workplace and Facilities Management Professionals - return to the homepage Journal magazine logo
  • Search
  • Visit Journal Magazine on Instagram
  • Visit Journal Magazine on Twitter
  • Visit @Journal_Mag on Facebook
Visit the website of the Chartered Insurance Institute Logo of the Chartered Insurance Institute

Main navigation

  • Home
  • News
  • News analysis
  • Features
  • Study Room
    • A-Z
    • Question and Answer (Q&A)
    • Study Room Features
  • Opinion
  • CII Radio
  • Events
  • Digital Magazine
    • The Asia-Pacific Journal
Quick links:
  • Home
  • Study Room
  • A-Z

A-Z OF… reputational risk

Share on
  • Twitter
  • Facebook
  • Linked in
  • Mail
  • Print
Open-access content Wednesday 5th July 2017

Article hero image.

Dan Trueman, of Novae, takes an alphabetised look at reputational risk

Cyber security and cyber attacks are topics dominating the news and business agendas. Even before the WannaCry event, UK CEOs recently rated cyber risk as the second most significant business threat they face; 97% of those surveyed by PwC said their organisation is addressing cyber breaches affecting business information or critical systems. This has become an executive-level concern and while it is positive that organisations are taking cyber security seriously, reviewing their IT infrastructure and implementing improved cyber hygiene, they also need to consider the impact of a cyber attack from a reputational perspective.

Reputational harm is recognised as the most detrimental risk for businesses yet there are few established products to cover this risk. There are still some areas, such as first-party loss, that are not covered by many existing products. Yet first-party loss resulting from a cyber attack tends to be very high, including drop of share value and declining revenue, so as an industry we need to keep ensuring there is appropriate cover for this risk.

Examining recent hacks highlights the damage that can be caused. TalkTalk suffered a serious data breach in 2015, which led to a record fine of £400,000 from the Information Commissioner's Office, while its share price fell by a third and it lost 100,000 customers. In the US, Sony suffered a cybersecurity breach in 2014, which led to its share price falling by 10%, terabytes of sensitive data being posted on Pastebin, the unauthorised release of a film and its CEO Amy Pascal being fired. Lastly, one of the largest data breaches in history was suffered by Target in 2013, following which its share price fell 46%, its profit plunged in the following quarter and the CEO lost his job. What is often of most concern is that many of these large-scale exploits use known vulnerabilities and are not unfamiliar zero-day attacks.

NEGATIVE IMPACT

Reputation is one of the most valuable and vulnerable assets a business has because it impacts everything -- revenue, growth, success -- so taking adequate measures to protect it is of paramount importance. The total cost of reputational harm events largely depends on timely and efficient crisis management after the incident, so it is vital that businesses are prepared ahead of an incident occurring. Business leaders should take a proactive approach by implementing a culture of resilience throughout the organisation, testing response plans to ensure they are fit for purpose, and reviewing insurance and risk transfer solutions.

As an industry, we should also be considering how we can best respond to this growing risk. We need to create products that meet clients' requirements in this fast-moving cyber landscape, products that protect their assets, both tangible and intangible. Cyber is only one of the potential triggers for reputational harm so it might be feasible to provide more comprehensive products that cover broader triggers such as product recall. This is the time for us to collaborate as an industry; we need to innovate and demonstrate the entrepreneurial ability of the market we operate in to ensure we provide cover that clients truly need.

KNOWING YOUR A-Z

A -- attacks

B -- breaches

C -- crisis management

D -- data

E -- executive-level

F -- first-party

G -- growing

H -- hygiene

I -- implementing

J -- job

K -- keep

L -- landscape

M -- market

N -- need

O -- office

P -- product

Q -- quarter

R reputation

S -- share

T -- threat

U -- unauthorised

V -- valuable

W -- WannaCry

X -- eXamining

Y -- cYber

A -- zero-day

Dan Trueman is chief innovation officer and head of cyber at Novae

You may also be interested in...

  • A-Z-¦ the growth of cryptocurrency
  • A-Z OF-¦ CATASTROPHE IMPACT
  • THE INTERNET OF THINGS
Filed in:
A-Z

You might also like...

Share
  • Twitter
  • Facebook
  • Linked in
  • Mail
  • Print

Today's top reads

BECOME A MEMBER

BECOME A MEMBER

SUBSCRIBE TO PRINT

SUBSCRIBE TO PRINT
The-Journal_NEW.png
​
FOLLOW US
Twitter
Facebook
Youtube
CONTACT US
Tel: +44 (0) 20 7880 6200
Email
Advertise with us
​

About the CII

About us
Membership
Qualifications
Events

The Journal

Digital magazine
Podcasts
Blog
News

General Information

Privacy Policy
Terms & Conditions
Cookie Policy

Get in touch

Contact us
Advertise with us
Write for The Journal
Want to receive The Journal?

© 2022 • The Journal Magazine is published by Redactive Media Group. All rights reserved. Reproduction of any part is not allowed without written permission.

Redactive Media Group Ltd, 71-75 Shelton Street, London WC2H 9JQ