Cyber Attacks Rank Alongside Natural Disasters

The economic damage of a successful major cyber-attack against a large cloud services provider could be similar in scale to the financial impact of a destructive hurricane.

The destructive tropical cyclone hurricane Katrina hit the US in 2005, causing $108bn in damage, but that could be exceeded by the cost of a major cyber-attack, according to an expert. "To compare the degree of economic cost, estimates now are that if attackers took down a major cloud provider, the damages could be $50bn to $120bn, so something in the range of a Sandy event to a Katrina event," said John Drzik, president of global risk and digital at insurance broking and risk management company Marsh. He was speaking at the launch of the World Economic Forum (WEF)'s Global Risks Report 2018.

"The aggregate cost of cyber is now estimated at over $1tn a year of economic cost, verses roughly $300bn experienced in 2017 lost to natural catastrophes," said Drzik.

The analysis by the international body, which brings together business, political, academic, and other leaders to help shape the global agenda ranks cyber as one of the top three risks along-side natural disasters and extreme weather.

Despite 2017 being a record year for the financial cost of extreme weather and natural disasters, the economic damage of cyber-attacks had a far greater global impact.

However, despite the potential damage which can be caused by cyber-attacks, governments and supporting agencies are far less well-equipped to deal with a major cyber-incident than they would be to deal with natural disasters. There's a FEMA response team for cyber-attacks, but it isn't as large as other parts of the agency.
"Think about the comparative scale," said Drzik. "Think about the government agencies as well as voluntary organisations which focus on response to natural disasters, verses national cyber-agencies -- they're much less resourced. They have some capacity, but not enough to deal with what is a significantly growing risk."

There's also the additional issue that, like extreme weather and natural disasters, cyber-attacks are a global issue but, as the WEF report highlights, there are elements of the current geopolitical environment that provide huge barriers for nation states coming together to collaborate on protecting against hacks and breaches.

That's dangerous, given there's barely any real agreement on what's acceptable and what needs managing in cybersecurity and cyberwarfare."International protocols have yet to really emerge in dealing with cyber risk and those are going to be needed as well. But, in the geopolitical climate we're in, it's hard to get to multilateral agreements," he said. "All of this paints a challenging picture for the defence against cyber risk."

ZDNet

You Might Also Read:

Companies Are Buying Cyber Insurance 'in mad panic':

Global Cyber Attack Could Cost $53Billion:

Cyber Insurance Report 2017 - 2018 (£):
 

 

« You Probably Don’t Know All the Ways Facebook Tracks You
In S.Africa The Cybersecurity Skills Gap Is A Chasm »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Software Engineering Institute (SEI)

Software Engineering Institute (SEI)

At the CERT Division of SEI we study and solve cybersecurity problems, research security vulnerabilities in software, and develop information and training to help improve cybersecurity.

VNT Software

VNT Software

VNT's vision is to change the way complex IT problems are resolved by predicting business disruptions before they occur.

Idaptive

Idaptive

Idaptive delivers Next-Gen Access through a zero trust approach. Idaptive secures access everywhere with single sign-on, adaptive MFA, EMM and analytics.

SQN Banking Systems

SQN Banking Systems

SQN Banking Systems fraud detection software products are a critical step towards overcoming the growing problem of fraud across the various payment channels.

HumanFirewall

HumanFirewall

Your secuirty is dorectly proportional to the awareness of your employees. Use Phishing simulation across your organization to train & profile user behavior.

Acreto

Acreto

Acreto is an end-to-end security infrastructure that protects all your technologies with a single, simple cloud service.

3Lines Venture Capital

3Lines Venture Capital

3Lines Venture Capital invests in exceptional founders and startups working on broad disruptive themes of Future of Work, AI enabled enterprises, and Industry 4.0.

YorCyberSec

YorCyberSec

YorCyberSec act as a trusted Cyber and Information Security broker and procurement specialist. We help companies to Reduce Risk, Increase Assurance and Improve Performance.

Secure Systems Innovation Corp (SSIC)

Secure Systems Innovation Corp (SSIC)

SSIC is a cyber risk analytics firm whose mission is to improve how businesses manage cyber risk through the power of data analytics. SSIC developed the X-Analytics cyber risk decisioning platform.

Jamf

Jamf

Jamf is the only Apple Enterprise Management solution of scale that remotely connects, manages and protects Apple users, devices and services.

CyberCatch

CyberCatch

CyberCatch provides an innovative cybersecurity Software-as-a-Service (SaaS) platform designed for SMBs.

Custard Technical Services

Custard Technical Services

Custard provide Network Security for all types of businesses across many industries, helping to keep them safe and secure.

Kompleye

Kompleye

Kompleye is a recognized cybersecurity and compliance audit organization that offer a comprehensive solution for different industries.

6WIND

6WIND

6WIND deliver virtualized, cloud-native, distributed high performance & secure networking software solutions to support new applications such as 5G, IoT, SD-WAN.

Omega Systems

Omega Systems

Omega Systems is a leading managed service provider (MSP) and managed security service provider (MSSP) to mid-market organizations.

Commission Nationale de l'Informatique et des Libertés (CNIL)

Commission Nationale de l'Informatique et des Libertés (CNIL)

The mission of CNIL is to protect personal data, support innovation, and preserve individual liberties.