Cyber is one of the top risk priorities for risk managers in the UK. Following the annual AIRMIC risk management conference in Edinburgh, Scotland, Vanessa Leemans, Head of Cyber, UK & Lloyd’s at 色多多视频 discusses how a holistic approach can help equip organisations to build their cyber resilience.
There is little doubt that cyber risk is a top-tier priority for the C-Suite and for risk managers around the world.
In the most recent , risk experts ranked cyber security as the second biggest risk, behind climate change. One in eight experts surveyed put it at the top of their list of concerns, while almost 90% of those experts said they believed the risk of a massive cyber attack was significant at a global level – it is a question of when, not if.
Cyber is also the top concern for risk managers in the UK, according to AIRMIC’s “Big Question” survey launched earlier this year, when cyber – including ransomware attacks – was cited ahead of changes in regulation and geopolitical threats, as the biggest risk facing UK organisations.
The UK Government’s most recent Cyber Security Breaches Survey found that half of all businesses in the UK reported having been subject to a cyber breach or similar attack in 2023. This figure increased significantly for medium-sized businesses, 70% of which said they had been subject to a breach or attack, and still further among large businesses, some 74% of which said they had suffered an attack in 2023.
The survey also underlined the growing importance of this issue for top-level management, with 75% of all UK organisations citing cyber security as a high priority for senior management. A vast majority, 93%, of medium-sized businesses described cyber security as a top-level concern, while almost all – 98% – of large organisations said it was a senior-management priority.
Ransomware attacks increased markedly in frequency again in 2023, after a slowdown in 2022. The cyber risk landscape is evolving fast and attack techniques are becoming ever more sophisticated, like for example triple extortion, in which cybercriminals infiltrate an organisation’s networks, encrypt data and demand a ransom for its release and – in the third layer of attack – threaten to use that data to extort clients, customers or other stakeholders of the organisation. Cybercriminals are also exploring ways to use new technologies such as generative artificial intelligence (AI) to automate and accelerate attacks.
Building greater understanding
Our clients are becoming increasingly mature in terms of the cyber security measures they have in place. The understanding of this risk and how to manage it, as it continues to evolve, is improving all the time.
Data is key to our ability to address cyber risk. Our data-driven insights enable us to understand the way this risk is evolving and to offer tangible support and protection for businesses.
Collectively, we have decades of experience in assessing and responding to cyber risks. Our clients are developing a deeper understanding of their own risk profiles too. And we want to work in partnership with them to use our knowledge and insights to tailor solutions to their specific needs.
We take a holistic approach to support our clients through every stage of their cyber journey from proactive risk assessments to tailored insurance coverage. We want to help our clients build their cyber resilience before they become a target and to equip them with the tools to recover swiftly from an attack should one occur.
I’m delighted that we have launched our CyberRiskConnect portal. This gives AXA XL’s UK & Lloyd’s primary clients access to the latest intelligence and information about cyber risks and can help them to bolster their own understanding of how the risk is evolving – and how to respond.
We work closely with our partner corporate intelligence and cyber security consultancy S-RM to give clients access to pre-and-post event services.
We are also aware that it is extremely important to our clients to understand how a cyber insurance policy responds if an event does take place. To that end, we ensure that not only do we have an onboarding call with the risk manager and representatives from the client’s legal department and/or Chief Information Officer or equivalent, we also make sure that our primary cyber clients meet with our specialist cyber claims team. The aim is to facilitate a discussion about how a cyber insurance policy responds in the event of a cyber incident and give everyone peace of mind – ahead of any attack. Pre-event risk mitigation services and post-event crisis response services are a vital part of how we, collectively, can build resilience to this risk.
Readying for the future
To build greater cyber resilience and recover swiftly from a possible attack, organisations must ensure they are prepared by maintaining best cyber security practices and having not only a tested cyber incident response plan, but also a business continuity plan and a vendor management plan in place.
Those best practices for cyber security include having multi-factor authentication (MFA), privileged access management (PAM), endpoint detection and response (EDR), network segregation, back ups of critical data, and patch management to help better protect against zero-day vulnerabilities.
As well as investing in cyber security before an incident, it’s vital that organisations use the lessons learned from any attacks or near misses to ensure they are better prepared for any future events. This may include performing table-top exercises, for example.
To mitigate the severity of a cyber attack and recover swiftly, it’s important to have a robust cyber incident response plan in place, to test and practice it often, and to have all the relevant parties in one room together so that they know their roles.
An effective cyber-incident response plan should include what actions the organisation will undertake internally, outlining the relevant stakeholders, decision-makers and roles and responsibilities, and details of the relationship with external partners like vendors, insurers and law enforcement, that will be called into action if a cyber attack takes place.
An incident response plan is not, however, the be-all-and-end-all of preparation. Organisations need to formulate and test a business continuity plan and have a plan in place for vendor management - before a cyber incident.
And organisations need to have strategies in place to mitigate third party exposures, such as keeping a database of contractual obligations and ensure there is offline access to it, as well as to the cyber insurance policy and incident response and business continuity plans. Data governance policies and procedures are important for preparation too – organisations must be aware of what data they have and why.
It is vital for organisations to keep up-to-speed with the latest threats and techniques being used by cybercriminals in order to best prepare for a cyber attack. One new technique which we urge clients to understand is the rising use of tools like AI to create increasingly convincing deep fakes that mimic voices and gestures and perform social engineering to launch a cyber attack.
It's important that organisations are familiar with these tools and how they can be used, while, of course, ensuring that they exercise caution around data privacy rights when using AI. Organisations need to be aware of the ways AI can be exploited and employee cyber security training needs to evolve too to make employees aware of these increasingly sophisticated methods of attack.
We want our clients to feel cyber confident and to ensure that security concerns don’t hold back their digital ambitions in this rapidly evolving environment. 色多多视频is committed to equipping clients with the insights to understand their exposures and to develop tailored risk management strategies by providing access to pre-and post-event services, as well as insurance coverage that will help them not only to weather the financial impact of an event but to get ready to bounce back reputationally and on a strong footing for the future.
