MANAGING TECHNOLOGY-RELATED RISKS
RC: In what ways has technology risk evolved in recent years? Do you believe that companies are adapting adequately to the pace of change and the variety of new threats?
Osgood: A recent AIG survey found that 80 percent of executives and brokers find it difficult to keep pace because the cyber threat landscape is evolving so rapidly. Cyber terrorism, espionage and ‘denial of service’ attacks were virtually unheard of only 10 years ago, yet are now beginning to dominate the headlines of trade press. With this in mind, it is little wonder that companies struggle to keep up. Today, virtually all companies handle sensitive personal and corporate information on a daily basis, whether it is identity card numbers, credit card information, budgetary information, customer lists or marketing plans, all of which can be converted into cash if they fall into the wrong hands. Accordingly, we have seen a shift in technology risk evolving from the traditional exposures associated with professionals failing to deliver upon their contracts to third parties, to professionals finding themselves on the receiving end of claims for failing to safeguard their client’s personal information against targeted cyber attacks. ABC Online reported at the end of last year that the Miami Family Medical Centre on the Gold Coast had become the latest victim of international attackers who “hack into systems, encrypt the data and then demand a ransom for sending a key to release it”. The fact that businesses can be crippled by such events is a clear reflection of our increasing dependency upon technology to operate. The good news is that the more companies learn of technology risks, the more that can be done to prevent them. However, as reported by PwC, lessons learned are rarely incorporated into best business practice.
Jul-Sep 2013 Issue
Faruki Ireland & Cox P.L.L.