Companies are more challenged with cyber risk than ever as most cyber attacks now involve ransomware demands in which attackers choose targets without regard to location or sector.
Indeed, robust cyber security measures remain vital as cyber insurance is not a panacea nor was it designed to be a replacement to pick up cyber security slack.
According to a recent S&P Global report, “Cyber Risk In a New Era: The Increasing Credit Relevance of Cybersecurity” there are several elements that all companies and organizations should consider as outlined below.
Quick incident response is key
When a company promptly addresses its incident and communicates with employees, customers, shareholders, investors and regulators, this helps limit the extent of damage and minimizes potential damage to brand, reputation and competitive position.
Active cyber event detection is vital
Active prevention of cyber incidents has become the norm. As cyber attacks evolve, they will become harder to detect. Therefore, companies will need to ensure active attack detection is at the center of everything they do.
Cyber attack simulation exercises can help with preparedness
No matter how big of a cyber security budget a company or organization has, there is no foolproof security system that can prevent a cyber incident. Companies and organizations that plan ahead and are prepared due to conducting simulation exercises to gauge and probe its preparedness will be much further ahead of those that don’t.
Credit rating implications are tied to cyber attacks
Companies that are a direct attack target are more likely to experience balance sheet ramifications, credit rating implications, especially if they are poorly managed and an attack results in reputational damage.
Cyber security basics are mandatory
Companies and organizations are expected to maintain basic cyber security measures such as having a reliable and fully tested data back-up and recovery strategy in place as well as a tested and rehearsed response plan. In addition, those companies that fall behind its peers in practicing basic cyber hygiene, could face regulatory and credit rating consequences.
Inadequate or the lack of Cyber Insurance exposes companies to potential rating actions
Cyber risk has the ability to cause significant damage to the global financial system due to a global, digital interconnected ecosystem and its heavy reliance of cloud service providers. A major cyber attack on the financial ecosystem could trigger widespread credit rating actions and a global financial ecosystem disaster. Companies that have weak balance sheets and lack adequate cyber insurance or other means of liquidity would likely be subject to credit rating actions and significant financial and reputational damage. This is why working with an experienced cyber insurance broker is vital. For help with your company’s cyber insurance, or to get a cyber insurance quote, please reach out to us for assistance.
Addressing Pandora’s Box of supply chain cyber risk
It takes a chain of suppliers or vendors to operate a company or organization today. This complex, interdependent network has opened up Pandora’s Box, exposing the entire supply chain ecosystem to cyber risk. Whether it is SolarWinds, Kaseya, or the Microsoft Exchange Server or something or someone else, companies and organizations must assess and ensure the cyber standards of its third-party providers.