Cyber risks can be mitigated, said Swiss Re Asia regional president Jayne Plunkett in a recent post on LinkedIn, commenting on discussions she participated in at a World Economic Forum (WEF) panel on regional cyber resilience in Tianjin, China, last week.
“While most people think of cybergeddon when thinking of cyber risks, we sometimes forget that most cyber risk is manageable with relatively simple but effective measures,” she said.
While major cyber attacks like last year’s WannaCry could result in billions in losses from just one incident, Ms Plunkett said people often lose sight of the fact that the majority of cyber incidents are small, unsophisticated attacks that can be easily mitigated with the right tools and education.
“Instead of despairing in face of a global threat sponsored by state actors with unlimited resources, we should remember that most cyber risks are relatively common and can actually be mitigated.”
Some measures she cited are updating software, using strong security settings and training employees to mitigate risks. Other tips that were discussed during the WEF panel are as follows:
- Cyber-hygiene: Fostering basic #cyber-hygiene across all areas of society – personal, business and state - is a must. From educating kids in cyber awareness and discipline from kindergarten, to regular citizen and employee campaigns and training, strong IT security and risk management measures.
- Educating more cyber experts: There is currently a market gap of 3 million cyber experts – one that urgently needs to be filled. This will not just help us to up our game on cyber protection, it will also create job opportunities for tomorrow.
- Building risk partnerships with small and medium sized companies: SMEs can rarely afford the same level of preparedness and protection as larger companies, and ensure software, systems and devices are safe. This is an area where insurance, with experience in identifying and pricing risks, as well as establishing good risk management practices, can play an important role.
- Public Private Partnerships and neutral collaboration platforms: It is imperative that governments, government agencies and private sector companies work together more actively to fight cyber-threats and stay ahead of the game. The World Economic Forum's new Cyber Centre in Geneva is being set up as a neutral platform to nurture such exchanges. Additional measures could be for governments to appoint cabinet level cyber representatives, while CEOs and Chairmen of private companies should get more actively involved on cyber risk, not leaving cyber resilience to the CIO alone.
“If we can start to tighten the safety net for personal and business cyber risks, the resulting tools and approaches may also help to address the more complex cases,” said Ms Plunkett.
A videorecording of the WEF panel in Tianjin can be found here.