, worldwide insurers, have called on Asia-Pacific chief executive officers to get serious about cyber threats. They say current corporate risk management practices in Singapore are inadequate. There has been a 2000 per cent increase in cyber attacks over the last three years with 49 per cent originating from the Asia Pacific region.
The alarming growth in cyber breaches has dominated world headlines. 75 per cent of organisations have experienced some form of cyber incident but awareness of cyber risk remains low.
Ian Pollard, Asia-Pacific vice president of Chartis, says: “A corporate risk management framework needs to address cyber exposures. Companies have to proactively manage cyber risks across the organisation, and this priority should be driven from the boardroom.”
Cyber attacks in the form of data breaches and network intrusions can impact operations. This results in lost productivity, legal expenses, third party liabilities, exposed intellectual property, and damage to reputation. The cost of cyber attacks is growing with the average security and privacy claim at S$6.7 million.
Pollard explains: “It is not a coincidence that the World Economic Forum ranked cyber risk as the single largest threat to global infrastructure for 2012, above financial collapse, natural disaster or traditional terrorism.”
Financial implication of cyber attacks:
• One in 10 who reported cyber fraud suffered losses of S$6.4 million,
• In 2010, the average cost to remediate a data breach in Australia was S$2.4 million,
• Companies lost S$5.9 billion worth of intellectual property in 2008, and
• The average drop in share price, after notifying the market of a breach, is five per cent.
Eric Lam, Symantec’s enterprise director for risk and compliance, Asia-Pacific and Japan, says: “The growing popularity and adoption of mobile computing, social media, and consumerisation of IT in the workplace have introduced new security risks for businesses. Organisations need to put in place a defence-in-depth security strategy covering technology, processes, and employee awareness.”
Chartis observed that attackers often steal personal and government identification information and credit card details. The rise in cyber threats prompted the organisation to develop a new specialised insurance product called CyberEdge, which provides the first cyber coverage solution in Asia-Pacific. The solution addresses the loss of corporate information and personal data from cyber threats, and it covers liability from data protection laws.
Gigi Cheah from Norton Rose, partner and Asia lead for technology and data privacy, says: "With the strengthening of privacy and security legislation worldwide, the penalties imposed for failure to safeguard data are increasing. Based on the proposed changes to the European Union data protection regulation, offending corporations face a maximum penalty of two per cent of global annual turnover."
According to Pollard, technology trends such as cloud computing and the large number of mobile devices will cause data security risks to grow.
Ken Low, chairman of the Cloud Security Alliance’s Asia Pacific executive council and director of enterprise security at Trend Micro Asia Pacific says: “Businesses are increasingly adopting cloud infrastructure for mission-critical information storage. This trend, coupled with the increasing number of cloud-specific attacks, makes it critical for organisations to look at protecting their corporate data and hybrid infrastructure.”
The consequences of cyber attacks are far reaching. It damages corporate reputation and strategic business plans. Pollard says that all levels of an organisation need to take action to protect against cyber threats.
For more information on internet security threats, click here
Copyright © 2012 Singapore Institute of Management