Ferma-backed study attempts to shed light on security and privacy risk
The insurer and the European risk management association are calling on risk managers to contribute to the study by giving their thoughts on the topic via an online questionnaire.
It is hoped the study will help risk professionals to benchmark their knowledge and views on information security and privacy risks against those of their peers, learn what processes and actions other organisations are implementing to manage these risks and gain a greater understanding of how the risk management community as a whole views information security and privacy risk.
Data and privacy breaches appear to be an increasing phenomenon in today’s interconnected world. The World Economic Forum has labelled such breaches as ‘the dark side of interconnectivity’.
hide
Zurich figures place the average cost to investigate and respond to a data breach at over $5m. New EU laws to tighten rules that govern the loss of data are on the horizon. Many experts say this will only add to the potential costs faced by business.
According to Ferma’s Scientific Advisor, Marie-Gemma Dequae, this new study will attempt to shed light upon the broader security and privacy risks, including the threats added by information technology and the internet.
It will look at issues ranging from the significance of these risks within organisations to effective mitigation processes, the financial implications and emerging international regulations, she said.
Security and privacy risk is a big issue for Ferma members and the broader risk management community, said Ms Dequae. “Based on recent surveys we see that these type of risks (broader cyber risks) are often in the top ten risks quoted by risk managers. Also, as technology is evolving rapidly these risks are also evolving in the same way.”
As such this initiative, also in association with Harvard Business Review Analytic Services, is an important step. Ms Dequae hopes Ferma members will take part in the process to help bolster the study’s findings.
“It is important to gain a greater understanding about how the global risk
management community views these risks. It is also important to mention that after the survey a webinar will be organised and all information and key insights will be put into a report,” she said.
The study will focus on issues such as security and privacy risk responsibilities within organisations, primary areas of concern, levels of commitment to tackling these risks by senior management, employee training and the existence of an incident response plan.
Steve Wilson, Chief Risk Officer for General Insurance at Zurich Insurance, said: “With an average cost to investigate and respond to a data breach being over $5m, businesses cannot afford to be unprepared when it comes to security and privacy risks.
“The Online Trust Alliance is already calling 2012 ‘the year of the breach’ so the risk management community needs to be much better equipped to tackle this issue. The findings of the survey will provide risk managers with important insights into this critical issue and help deepen Zurich’s understanding of how we can tailor our security and privacy solutions to better meet the needs of our customers.”
The main topics identified from the study findings will be the focus of the subsequent webinar as well as the scheduled report.
To participate in the study via the online survey risk managers should go to
bit.ly/PSFJJr. The deadline for contributions is September 7.