Cyber Security and Cyber Risk: a steady threat
As online activites have increased, cyber attacks have increased, too. In this context, cyber security is a current and vital issue because nobody is safe.
Online reports refer that about 8 companies out of 10 suffered cyber attacks in 2017, causing them economic losses and reputational damages. In Italy a company out of two have suffered at least one cyber attack in the last three years. The economic losses are more than 7 billion euros. In this context, companies in Lombardy have lost 2 billion euros. What is more, according to Polizia Postale report, the alarms of hacker attacks in Italy quintupled in 2017, being around 28,500. Finance (credit cards, etc.), healthcare (privacy and sensitive data) and retail are the most attacked industries.
However, companies are not the only ones to suffer from cyber attacks. Private citizens risk to suffer from hacker attacks, too. Explicative to this is the news concerning the vulnerability of tracking chips globally. This vulnerability, called Meltdown and Spectre, allows to have access to sensitive data (passwords and cryptography keys) in computers and smartphones.
How to prevent cyber attacks
Is it possible to prevent cyber attacks? How? Certainly there are measures to prevent cyber attacks. IVASS, as stated in a recent circular letter, recommends to follow these steps:
- Raise the level of security systems
- Do backups more frequently (at least daily)
- Increase monitoring tests and anti-intrusion systems
- Provide a management crisis plan
- Analyse and update frequently those elements whic are more vulnerable to cyber attacks
The role of insurance companies to cover the Cyber Risk
In this context, it is clear that preventive measures are not enough. IVASS itself suggests to hold an insurance coverage. This will mitigate the economic losses and reputational damages following a cyber attack. This solution is complementary to the preventive measures described above.
An incresing number of insurance companies offers insurance policies covering the Cyber Risk. Currently the global annual cost related to computer fraud is estimated at a range between 100 billion and 1 trillion dollars and the average cost of accident would range between 2 and 4 million dollars. It is estimated that the insurance policies covering Cyber Risk will jump exponentially, thus reaching 7,5 billions in 2020.
New European regulamentations
Along with insurance policies for Cyber Risk, the General Data Protection Regulation will be adopted by the European Countries. The GDPR will sanction those companies who will not communicate a data breach tempestively. The fine would be equal up to the 4% of companies annual revenue (around 20 million euros).