Global cyber losses expected to reach $6 trillion by 2021 - report

Annual global cyber losses are expected to hit US$6 trillion by 2021, with cybersecurity spending projected to exceed a total of US$1 trillion for the five years leading up to 2021, according to a new report from Aon quoting statistics from Cybersecurity Ventures.

While the immediate costs of a cyberattack can be significant, Aon’s report suggested that damage to a business’s reputation could cost just as much or even more in the long term.“The reputational crisis resulting from an attack can erode a company’s market value, destroy brand loyalty, limit companies’ digital transformation efforts and even lead to a credit-rating downgrade,” Aon said. “An effective cyber resilience strategy can help mitigate both immediate and long-term financial losses.”

“Some companies still don’t fully understand the impact a cyberattack can have on a business,” said Onno Janssen, Aon CEO of Risk Consulting & Cyber Solutions EMEA. “Understanding the worst-case scenarios and their impact to a business is crucial to developing an effective resilience strategy in which cyber is managed as an enterprise-wide risk across the entire organisation. The cyber threat is amorphous, and the technology it exploits is advancing at a dizzying pace, so the risk landscape is never going to stand still.”

Janssen said business leaders needed to prioritise defending against cyber risk.“The C-suite will have to aim to constantly improve its holistic cyber risk management strategies to prevent, prepare for and be able to respond to a cyber crisis,” Janssen said. “Ultimate responsibility for all risk management efforts resides in the boardroom.”

Aon’s report outlined four steps for building an effective cyber resilience strategy:

  • “Take it to the top”: While cyber risk management should be an enterprise-wide concern, final accountability for understanding the costs and consequences of a cyberattack rests with the board.

  • “Unite your business”: Cyber risk is a threat to the whole business, calling for a multi-level response that involves every relevant stakeholder.

  • “Get ahead of the game”: Businesses shouldn’t wait for a cyberattack to happen before acting. Incident-response training is critical to preparing a business to respond effectively to an attack.

  • “Protect your balance sheet”: Cyber insurance can protect an organisation’s balance sheet by providing a financial payout after a cyberattack, as well as providing pre-loss and post-loss services.

Source: Insurance Business Australia

Contact Us

Thanks for submitting!