SlideShare una empresa de Scribd logo

Digital economy and its effect on cyber risk

aakash malhotra
aakash malhotra

Pandemic has taken a fair share of the toll on every economy, affecting millions of businesses across the globe. As organizations are adopting technology and innovation to fulfil their quest for growth, they must comprehend, the ghost of cyberattack will come to haunt them sooner or later. Cyber breaches will not only cause brand degradation, but also lead to loss of digital assets, and change in consumer behaviour. As a result, companies are considering corporate cyber insurance as a part of their cybersecurity strategies. Click on the link to read what cyber insurance is and why companies direly need it.

Empresariales
1 de 20
Descargar para leer sin conexión
1 Unlocking the Value of Cyber Insurance Private and confidential 2020
Digital economy and its affect of cyber risk 4 What is cyber insurance? 6 Need for cyber insurance 7 Challenges faced by organisations buying cyber insurance 8 Measures to keep insurance premium low or select right insurance 10 How can we help? 16 Key contacts 18 Contents
4 Digital economy and its effect on cyber risk The business and technology innovations that organisations are adopting in their quest for growth, innovation, and cost optimisation, present heightened levels of cyber risks. Such innovations most likely introduce new vulnerabilities and complexities into the organisation’s ecosystem making them more susceptible to cyberattacks. Recent cyberattacks indicate that cyber breaches are inevitable and can be extremely harmful. Cyber breaches can lead to tangible costs, brand degradation, and changes in consumer behaviour. Cyberattack is inevitable It’s not a question of “whether” it will happen, but “when”. Unlocking the value of cyber insurance | Digital economy and its affect of cyber risk Source: Gartner, “Innovation Insight for Security Rating Services”, Sam Olyaei, Christopher Ambrose, Jeffrey Wheatman, 27 July 2018
5 Unlocking the value of cyber insurance | Digital economy and its affect of cyber risk
6 Cyber insurance is an insurance product designed to help businesses hedge against cyber risks, such as data breaches, cybercrimes including malware, ransomware, distributed denial-of-service (DDoS) attacks, or any other method used to compromise a network, intellectual property, and privacy or confidential information. What is cyber insurance? Unlocking the value of cyber insurance | What is cyber insurance?
7 Need for cyber insurance Cyber insurance has become popular as a cyber-risk mitigation measure. Although insurance is a lucrative option to cover cyber risks, businesses need to understand that the insurance premium is directly proportional to their cyber security preparedness. Hence, cyber insurance cannot be treated as a risk transfer mechanism. Key drivers for cyber insurance include the following: • Rising digitalisation of businesses due to adoption of cloud, mobile, social media and Internet of Things (IoT), thus, expanding the threat landscape • Evolving threat landscape, with the recent ransomware/malware attacks, targeting various sectors • Increasing awareness on cyber security • Drafting of India’s Personal Data Protection Bill 2019 and apprehensions around implications of the General Data Protection Regulation (GDPR) The rise of coronavirus identified the need that enterprises must increase corporate resilience and help ensure community well-being by embracing virtual collaboration tools and practices. Recently, your organisation may have decided—to perform all work virtually in response to the spread of the virus. • What does this mean for your business? • Is this a short-term anomaly or a long- term trend? • How does your organisation continue to work and create value in this new environment? • Does this require you to change your operating model? • Does the change expose you to additional cyber risks? Cyber insurance can complement an organisation’s active security measures by providing insurance coverage in three broad areas: • Liability for loss or breach of data • Remediation costs associated with forensic investigations, notification to affected parties, etc., to respond to a breach • Regulatory fines and penalties as well as associated settlement costs However, cyber insurance cannot provide the following: • Protection from reputational risk – A monetary claim can be awarded for an information security breach, but the insurance carrier cannot repair the damage to an organisation’s brand. • Removal of risk – Insurance, whether cyber or otherwise, provides an organisation with the opportunity to transfer risk, but not remove it. • Replacement for an information security programme – Strong security controls and a comprehensive information security programme are the prerequisites for purchasing cyber insurance. Cyber insurance can replace such controls and programmes, but cannot bring back the original files. “Cyber insurance is only one element of risk management and it will never be able to remove cyber risk entirely” Unlocking the value of cyber insurance | Need for cyber insurance
Unlocking the value of cyber insurance | Challenges faced by organisations buying cyber insurance 8
9 Challenges faced by organisations buying cyber insurance Dearth of data leaves insurers in the dark and buyers with higher premiums The buyers are reluctant on sharing data that can help insurers evaluate risks and this dearth of data leaves insurers in the dark.Hence, lack of actuarial data on cyberattacks inhibits robust risk assessment. This often leads to unrealistic or exorbitant cyber insurance premiums, which further alienates a potential buyer. Buyers often don’t understand cyber risks or their insurance coverage options Although the level of cyber risk awareness and senior management’s attention to cyber security is increasing, there appears to be a gap in terms of translating cyber risk into estimates of potential losses, which would normally be a prerequisite to any decision on the purchase of insurance coverage. Due to lack of understanding of financial exposure, many companies take insurance purchase decisions based on industry benchmarking (i.e., the insurance amount the companies’ competitor has bought) rather than assessing the actual needs. Since the description of coverage terms, conditions, and exclusions are not standardised in cyber policies: • Coverage is often written via customised policies, resulting in varied terminology from different insurance providers. • Similar products from different providers have varied features, thus challenging value and price comparisons. Cyberattacks keep evolving and new risks keep emerging Inherent volatility of ever- evolving cyber risk limits the value of historical experience and undermines predictability. The damages because of cyber extortion, reputational loss, and rapidly evolving data and privacy landscape make quantification of comprehensiveness and adequacy of cover difficult. Cyber risk is spread over a wide range of coverages: Cyber risk may be included in many different policies Complicates efforts to assess coverage needs, match policies with exposures, and compare alternatives Challenges buyers and their intermediaries to figure out the best place to put coverage for cyber-related expenses Exposures evolve as new risks emerge Exacerbates buyer uncertainty over what coverage they need versus what they may already have in existing policies Claims litigation uncertainties Since claims and disputes of cyber coverage have not reached critical audience yet, there is lack of references that leaving the buyers uncertain over success ratio of the claims settlement process. The buyers fear potential gaps in coverage within a policy or among multiple policies addressing cyber risk. Language may be subject to interpretation, even litigation, when an event occurs. The buyers will not realise what is not covered until after they file a claim. Despite a promising market opportunity and clear coverage needs, various buyers are hesitant in buying these insurances. Some of the challenges the organisations face include the following: Unlocking the value of cyber insurance | Challenges faced by organisations buying cyber insurance 1 2 3 4
10 Measures to keep insurance premium low or select right insurance I. Maintain a healthy security posture Insurers typically rely on cyber risk assessments to evaluate the cyber exposure of the buyer. Hence, organisations need to develop a robust cyber-risk assessment mechanism to understand and evaluate cyber exposure. Although 100 percent security is impossible, organisations can implement a number of risk treatment measures for prevention, detection, and response activities to keep cyber risks at an acceptable level by developing a sound approach for risk management. While the traditional cyber defense mechanisms help in thwarting conventional attacks, the future attacks will need an all-encompassing strategy. The following ten design principles aim to provide possible amalgamations of traditional and futuristic resilience risk mitigation strategies to the organisations: Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance
11 1. Board involvement in information security programme oversight A well-informed board with a clear understanding of cyber risks focuses on information security throughout the organisation. Hence, encourages the management and the employees to be more proactive in managing cyber risks, thus lowering claims frequency and the amount of data loss. 2. A robust cyber risk management programe A sound cyber risk programme is an integral element of business success. While being secure is more important than ever, Deloitte puts an emphasis on the need to be constantly vigilant and resilient in the face of shifting cyber threats. 3. A capable security operations center (SOC) Insurers will reduce premiums if an organisation demonstrates implementation of a robust cyber risk monitoring programe in the form of a cyber-SOC (C-SOC) setup using advanced infrastructure, and is operated by a team of dedicated cyber security professionals providing 24x7 service. An intelligent C-SOC can provide a number of services including external threat intelligence and capabilities to respond to cyber incidents. 4. Seeking security audit reports and demarcating security responsibilities Implement three lines of defense model comprising the following: • First line of defense includes functions that own and manage risk. • Second line of defense includes functions that oversee or specialise in risk management, and compliance. • Third line of defense includes functions that provide independent assurance, above all internal audit. 5. Managing third party risks Some insurance companies require annual external assessments. Recent history gives examples of most breaches that happened due to the weak security controls implemented at vendors, third parties, or at business partners’ end (who had access to the systems or data). Hence, it is important to assess resilience and security capabilities of critical third parties and vendors periodically. 6. Data backup and restoration A pre-defined backup schedule and a strategy indicating what to back up, when to back up, and on which medium to back up, prove to be a highly effective recovery strategy. The data backup strategy should mandate periodic restoration checks to ascertain data quality, integrity, and usability. Recent ransomware attacks have exposed an intrinsic vulnerability in IT-DR, whereby the ransomware infection has inadvertently infected the data and application instances replicated in the DR, thereby rendering it useless. Golden Data Copy is a clean back-up copy created, in addition to the data replicated at the DR, and is maintained in an air- gapped environment. 7. Business Continuity with security Recent COVID-19 pandemic has highlighted the need to strengthen remote access, as people cannot travel to their office locations. Remote working has become the new norm and is going to be ubiquitous, thereby extending the organisation’s perimeter and increasing the attack surface. Leveraging various collaborative tools for video conferencing, online meetings, workspace sharing have led to sharing of highly confidential and personal information, which otherwise was not accessible over the Internet. Hence, the risk of data leakage or hack has increased exponentially. While remote working could save many lives in a pandemic scenario, if adopted as a new business norm increases the risk to the organisation, which needs to be managed and hence, cyber insurance would be the key to manage this increased risk. It may be time for corporates to look at cyber insurance, and for individuals to protect their information when working from home and executing digital transactions. 8. Integrating chaos engineering into the vulnerability testing programme Traditional vulnerability programmes are limited to the defined periodicity, scope, and application boundaries. Chaos engineering performs ongoing resilience testing by orchestrating unexpected failures and assessing the system’s ability to recover from the outage using designed controls. 9. Skilled responders and cyber aware organisation Trained, skilled, and experienced responders determine an organisation’s capability to thwart sophisticated cyberattacks that originate from highly motivated and well-funded cyber criminals. 10. Compliance with legal and regulatory requirements Organisations must manage the compliance and mandates from regulations within their industry, ensuring they are audited regularly. Identifying and complying with legal, regulatory, and contractual obligations concerning cyber security and resilience are fundamental to any cyber risk management programme. A formalized cyber risk management program is a prerequisite. Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance
12 II. Maintain a good cyber security rating score To understand the importance of a good cyber security rating score, it is necessary to understand how insurers assess cyber risks and take underwriting decisions. While traditional techniques, such as questionnaire- based assessments are still effective, such assessments are time consuming, expensive and provide a point in time snapshot of performance. Many insurance companies have entered into partnerships with information technology firms to improve their access to cyber incidents. Solutions are available within market, which perform data analysis based on company performance and provide comprehensive reports including historical data and comparisons with industry benchmarks. Using such objective analysis, insurers take informed underwriting decisions. Organisations need to use these cyber security rating solutions and monitor their cyber security rating score. Such solutions report security flaws, contextualize, and prioritise the risk information they collect so that organisations can allocate resources strategically and mitigate risks. Some of the key features offered by these cyber risk rating solutions include the following: • Functionality to collect and analyse data from surface, deep, and dark web channels • Capabilities to perform entity attribution and risk analysis of organisations worldwide • A consistent rating methodology to generate cyber risk scores dynamically • A clear focus on third-party cyber-risk use cases serving multiple industries Cyber risk rating services do not replace traditional security posture assessments, but rather supplement them. A formalised cyber risk management programme is a prerequisite. “By 2022, cybersecurity ratings will become as important as credit ratings when assessing the risk of business relationships.” Source: Gartner, “Innovation Insight for Security Rating Services”, Sam Olyaei, Christopher Ambrose, Jeffrey Wheatman, 27 July 2018 Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance
Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance 13
14 III. Evaluate and compare cyber insurance policies on key considerations Buyers considering cyber insurance need to practice due care and diligence, regardless of the insurance coverage and should be aware about protocols related to forensics and evidence management for honouring the claim after a cyberattack. Some critical considerations that a buyer must make when selecting a cyber insurance policy include the following: Understand your organisation’s risk exposure Evaluate your current cyber risk exposure to understand the type and amount of cyber insurance coverage required. In certain areas, where controls are well established and routinely tested, coverage may not be required. Risk exposure is based on multiple factors. Some of the factors include the following: • The type and context of information transacted and retained • Risks of hazard to the affected individual • The security level of mobile devices carrying sensitive data • The encryption level of sensitive data at rest and in motion • Interruption to business for usual operations • Loss arising from virus/malware attack, introduction of malicious code or unauthorised access leading to data breach • Cost of rebuilding data during acts of vandalism • Fraudulent transactions undertaken due to security breach arising out of cyberattacks (including social engineering) Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance
15 • Cyber extortion or threat leading to ransom payment • Loss arising from unauthorised data alternation or stealing of data (including social engineering attacks) • Loss due to network disruption or business interruption Adequacy of coverage based on cost of data breach Adequacy of coverage needs to factor not only risk exposure of the organisation but also the cost of data breach. Some of the typical costs incurred by an organisation dusring a data breach include the following: • Cost of computer forensic investigation • Cost of civil litigations and criminal investigation • Crisis management and customer notification expenses • Liability arising out of personal and corporate data breach • Liability arising out of outsourced activities • Liability arising out of disparagement of products and services, defamation and infringement of intellectual property rights • Defense cost for litigations and in connection with proceedings brought about by regulators • Coverage for regulatory fines and penalties Understand policy complexities There is a variety of insurance policies available, often requiring a rigorous underwriting process. Spend time upfront understanding the preconditions that must be met to obtain insurance. It is also important to understand any policy exclusions to make sure that you can take advantage of the coverage you will be paying for. Understand the claims’ process up front Not all cyber claims are treated equally. Understand what is required to file a claim and make sure you can satisfy these requirements before purchasing insurance. During an incident, insurers often require organisations to execute a formal incident response process— including maintaining logs, emails, forensic scans, and other evidence—using methods that preserve the integrity of the evidence. Balance the cost of premium and implementation of security controls While insurance policies may assist in transferring risk, organisations should analyse cost benefits to determine the appropriateness of investing in cyber insurance coverage. Remember Cyber insurance is for mitigating risks that cannot be addressed in-house. Cyber insurance products are no replacement for a robust information security programme. Organisations should first develop mature information security programmes and an understanding of the total cost of their cyber risk. The insurance constitutes as a significant element of risk management (i.e., risk transfer) that can help organisations manage cyber risk. Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance
16 Unlocking the value of cyber insurance | How can we help?
17 How can we help? • How to select an appropriate insurance policy? • What type of coverage should my organisation get? • What residual risks does my organisation face with our current cyber insurance? Deloitte can assist clients in executing a cyber insurance focused risk assessment to answer the following questions: Risk assessment Security and privacy breaches Forensic investigation Cyber insurance key components Cyber insurance coverage Crisis management Loss of income Business interruption Regulatory response Credit monitoring Network intrusion Understanding claims Policy selection Policy exclusion analysis Incident response Managing claims Controls gap analysis Provider analysis CYBER INSURANCE Unlocking the value of cyber insurance | How can we help?
18 ROHIT MAHAJAN President | Risk Advisory rmahajan@deloitte.com SHREE PARTHASARATHY Partner | Cyber Leader sparthasarathy@deloitte.com ANAND VENKATRAMAN Partner anandv@deloitte.com DEEPA SESHADRI Partner deseshadri@deloitte.com GAUTAM KAPOOR Partner gkapoor@deloitte.com Key Contacts Unlocking the value of cyber insurance | Key contacts
19
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see www. deloitte.com/about for a more detailed description of DTTL and its member firms. This material is prepared by Deloitte Touche Tohmatsu India LLP (DTTILLP). This material (including any information contained in it) is intended to provide general information on a particular subject(s) and is not an exhaustive treatment of such subject(s) or a substitute to obtaining professional services or advice. This material may contain information sourced from publicly available information or other third party sources. DTTILLP does not independently verify any such sources and is not responsible for any loss whatsoever caused due to reliance placed on information sourced from such sources. None of DTTILLP, Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the “Deloitte Network”) is, by means of this material, rendering any kind of investment, legal or other professional advice or services. You should seek specific advice of the relevant professional(s) for these kind of services. This material or information is not intended to be relied upon as the sole basis for any decision which may affect you or your business. Before making any decision or taking any action that might affect your personal finances or business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person or entity by reason of access to, use of or reliance on, this material. By using this material or any information contained in it, the user accepts this entire notice and terms of use. ©2020 Deloitte Touche Tohmatsu India LLP. Member of Deloitte Touche Tohmatsu Limited

Recomendados

Data Modernization: Breaking the AI Vicious Cycle for Superior Decision-making
Data Modernization: Breaking the AI Vicious Cycle for Superior Decision-makingData Modernization: Breaking the AI Vicious Cycle for Superior Decision-making
Data Modernization: Breaking the AI Vicious Cycle for Superior Decision-makingCognizant
 
Forecasting in a digital world
Forecasting in a digital worldForecasting in a digital world
Forecasting in a digital worldaakash malhotra
 
Staying ahead in the cyber security game - Sogeti + IBM
Staying ahead in the cyber security game - Sogeti + IBMStaying ahead in the cyber security game - Sogeti + IBM
Staying ahead in the cyber security game - Sogeti + IBMRick Bouter
 
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...Capgemini
 
OpenText Presents: Mastering the Digital Economy through Big Data and Custome...
OpenText Presents: Mastering the Digital Economy through Big Data and Custome...OpenText Presents: Mastering the Digital Economy through Big Data and Custome...
OpenText Presents: Mastering the Digital Economy through Big Data and Custome...OpenText
 
PwC: New IT Platform From Strategy Through Execution
PwC: New IT Platform From Strategy Through ExecutionPwC: New IT Platform From Strategy Through Execution
PwC: New IT Platform From Strategy Through ExecutionCA Technologies
 
End-to-End OT SecOps Transforming from Good to Great
End-to-End OT SecOps Transforming from Good to GreatEnd-to-End OT SecOps Transforming from Good to Great
End-to-End OT SecOps Transforming from Good to Greataccenture
 
2018 State of Cyber Reslience in Healthcare
2018 State of Cyber Reslience in Healthcare2018 State of Cyber Reslience in Healthcare
2018 State of Cyber Reslience in Healthcareaccenture
 

Recomendados

Data Modernization: Breaking the AI Vicious Cycle for Superior Decision-making
Data Modernization: Breaking the AI Vicious Cycle for Superior Decision-makingData Modernization: Breaking the AI Vicious Cycle for Superior Decision-making
Data Modernization: Breaking the AI Vicious Cycle for Superior Decision-makingCognizant
 
Forecasting in a digital world
Forecasting in a digital worldForecasting in a digital world
Forecasting in a digital worldaakash malhotra
 
Staying ahead in the cyber security game - Sogeti + IBM
Staying ahead in the cyber security game - Sogeti + IBMStaying ahead in the cyber security game - Sogeti + IBM
Staying ahead in the cyber security game - Sogeti + IBMRick Bouter
 
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer a...Capgemini
 
OpenText Presents: Mastering the Digital Economy through Big Data and Custome...
OpenText Presents: Mastering the Digital Economy through Big Data and Custome...OpenText Presents: Mastering the Digital Economy through Big Data and Custome...
OpenText Presents: Mastering the Digital Economy through Big Data and Custome...OpenText
 
PwC: New IT Platform From Strategy Through Execution
PwC: New IT Platform From Strategy Through ExecutionPwC: New IT Platform From Strategy Through Execution
PwC: New IT Platform From Strategy Through ExecutionCA Technologies
 
End-to-End OT SecOps Transforming from Good to Great
End-to-End OT SecOps Transforming from Good to GreatEnd-to-End OT SecOps Transforming from Good to Great
End-to-End OT SecOps Transforming from Good to Greataccenture
 
2018 State of Cyber Reslience in Healthcare
2018 State of Cyber Reslience in Healthcare2018 State of Cyber Reslience in Healthcare
2018 State of Cyber Reslience in Healthcareaccenture
 
Accenture Banking Security Index
Accenture Banking Security IndexAccenture Banking Security Index
Accenture Banking Security Indexaccenture
 
Intuition Engineered
Intuition EngineeredIntuition Engineered
Intuition EngineeredCognizant
 
Digital Transformation (Implications for the CXO)
Digital Transformation (Implications for the CXO)Digital Transformation (Implications for the CXO)
Digital Transformation (Implications for the CXO)Anant Desai
 
Deloitte stay ahed of the game
Deloitte stay ahed of the gameDeloitte stay ahed of the game
Deloitte stay ahed of the gameFranco Ferrario
 
Securing the Digital Future
Securing the Digital FutureSecuring the Digital Future
Securing the Digital FutureCognizant
 
Cognizant Making AI Real with Microsoft
Cognizant Making AI Real with MicrosoftCognizant Making AI Real with Microsoft
Cognizant Making AI Real with MicrosoftSteve Lennon
 
Better Business Outcomes with Big Data Analytics
Better Business Outcomes with Big Data AnalyticsBetter Business Outcomes with Big Data Analytics
Better Business Outcomes with Big Data AnalyticsIBM Software India
 
Cybersecurity report-vol-8
Cybersecurity report-vol-8Cybersecurity report-vol-8
Cybersecurity report-vol-8Mohamed Abdelhakim
 
The Digital Talent Gap: Are Companies Doing Enough?
The Digital Talent Gap: Are Companies Doing Enough?The Digital Talent Gap: Are Companies Doing Enough?
The Digital Talent Gap: Are Companies Doing Enough?Capgemini
 
Use AI to Build Member Loyalty as Medicare Eligibility Dates Draw Near
Use AI to Build Member Loyalty as Medicare Eligibility Dates Draw NearUse AI to Build Member Loyalty as Medicare Eligibility Dates Draw Near
Use AI to Build Member Loyalty as Medicare Eligibility Dates Draw NearCognizant
 
Gartner eBook on Big Data
Gartner eBook on Big DataGartner eBook on Big Data
Gartner eBook on Big DataJyrki Määttä
 
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationHow Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationCognizant
 
Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Mourad Khalil
 
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Capgemini
 
Turning AI into Concrete Value: The Successful Implementers' Toolkit
Turning AI into Concrete Value: The Successful Implementers' ToolkitTurning AI into Concrete Value: The Successful Implementers' Toolkit
Turning AI into Concrete Value: The Successful Implementers' ToolkitCapgemini
 
Shared Service Centers: Risks & Rewards in the Time of Coronavirus
Shared Service Centers: Risks & Rewards in the Time of CoronavirusShared Service Centers: Risks & Rewards in the Time of Coronavirus
Shared Service Centers: Risks & Rewards in the Time of CoronavirusCognizant
 
7 Experts on Transforming Customer Experience with Data Insights (1)
7 Experts on Transforming Customer Experience with Data Insights (1)7 Experts on Transforming Customer Experience with Data Insights (1)
7 Experts on Transforming Customer Experience with Data Insights (1)Mighty Guides, Inc.
 
Mayfield CXO Survey: Post COVID-19 Impacts to IT
Mayfield CXO Survey: Post COVID-19 Impacts to ITMayfield CXO Survey: Post COVID-19 Impacts to IT
Mayfield CXO Survey: Post COVID-19 Impacts to ITNavin Chaddha
 
Insuring your future: Cybersecurity and the insurance industry
Insuring your future: Cybersecurity and the insurance industryInsuring your future: Cybersecurity and the insurance industry
Insuring your future: Cybersecurity and the insurance industryAccenture Insurance
 
ACCA Smart Finance Series - Trust in the Digital Age Presented by PwC
ACCA Smart Finance Series - Trust in the Digital Age Presented by PwCACCA Smart Finance Series - Trust in the Digital Age Presented by PwC
ACCA Smart Finance Series - Trust in the Digital Age Presented by PwCACCASG Community Manager
 
Cover and CyberSecurity Essay
Cover and CyberSecurity EssayCover and CyberSecurity Essay
Cover and CyberSecurity EssayMichael Solomon
 
CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!topseowebmaster
 

Más contenido relacionado

La actualidad más candente

Accenture Banking Security Index
Accenture Banking Security IndexAccenture Banking Security Index
Accenture Banking Security Indexaccenture
 
Intuition Engineered
Intuition EngineeredIntuition Engineered
Intuition EngineeredCognizant
 
Digital Transformation (Implications for the CXO)
Digital Transformation (Implications for the CXO)Digital Transformation (Implications for the CXO)
Digital Transformation (Implications for the CXO)Anant Desai
 
Deloitte stay ahed of the game
Deloitte stay ahed of the gameDeloitte stay ahed of the game
Deloitte stay ahed of the gameFranco Ferrario
 
Securing the Digital Future
Securing the Digital FutureSecuring the Digital Future
Securing the Digital FutureCognizant
 
Cognizant Making AI Real with Microsoft
Cognizant Making AI Real with MicrosoftCognizant Making AI Real with Microsoft
Cognizant Making AI Real with MicrosoftSteve Lennon
 
Better Business Outcomes with Big Data Analytics
Better Business Outcomes with Big Data AnalyticsBetter Business Outcomes with Big Data Analytics
Better Business Outcomes with Big Data AnalyticsIBM Software India
 
The Digital Talent Gap: Are Companies Doing Enough?
The Digital Talent Gap: Are Companies Doing Enough?The Digital Talent Gap: Are Companies Doing Enough?
The Digital Talent Gap: Are Companies Doing Enough?Capgemini
 
Use AI to Build Member Loyalty as Medicare Eligibility Dates Draw Near
Use AI to Build Member Loyalty as Medicare Eligibility Dates Draw NearUse AI to Build Member Loyalty as Medicare Eligibility Dates Draw Near
Use AI to Build Member Loyalty as Medicare Eligibility Dates Draw NearCognizant
 
Gartner eBook on Big Data
Gartner eBook on Big DataGartner eBook on Big Data
Gartner eBook on Big DataJyrki Määttä
 
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationHow Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationCognizant
 
Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Mourad Khalil
 
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Capgemini
 
Turning AI into Concrete Value: The Successful Implementers' Toolkit
Turning AI into Concrete Value: The Successful Implementers' ToolkitTurning AI into Concrete Value: The Successful Implementers' Toolkit
Turning AI into Concrete Value: The Successful Implementers' ToolkitCapgemini
 
Shared Service Centers: Risks & Rewards in the Time of Coronavirus
Shared Service Centers: Risks & Rewards in the Time of CoronavirusShared Service Centers: Risks & Rewards in the Time of Coronavirus
Shared Service Centers: Risks & Rewards in the Time of CoronavirusCognizant
 
7 Experts on Transforming Customer Experience with Data Insights (1)
7 Experts on Transforming Customer Experience with Data Insights (1)7 Experts on Transforming Customer Experience with Data Insights (1)
7 Experts on Transforming Customer Experience with Data Insights (1)Mighty Guides, Inc.
 
Mayfield CXO Survey: Post COVID-19 Impacts to IT
Mayfield CXO Survey: Post COVID-19 Impacts to ITMayfield CXO Survey: Post COVID-19 Impacts to IT
Mayfield CXO Survey: Post COVID-19 Impacts to ITNavin Chaddha
 
Insuring your future: Cybersecurity and the insurance industry
Insuring your future: Cybersecurity and the insurance industryInsuring your future: Cybersecurity and the insurance industry
Insuring your future: Cybersecurity and the insurance industryAccenture Insurance
 
ACCA Smart Finance Series - Trust in the Digital Age Presented by PwC
ACCA Smart Finance Series - Trust in the Digital Age Presented by PwCACCA Smart Finance Series - Trust in the Digital Age Presented by PwC
ACCA Smart Finance Series - Trust in the Digital Age Presented by PwCACCASG Community Manager
 

La actualidad más candente (20)

Accenture Banking Security Index
Accenture Banking Security IndexAccenture Banking Security Index
Accenture Banking Security Index
 
Intuition Engineered
Intuition EngineeredIntuition Engineered
Intuition Engineered
 
Digital Transformation (Implications for the CXO)
Digital Transformation (Implications for the CXO)Digital Transformation (Implications for the CXO)
Digital Transformation (Implications for the CXO)
 
Deloitte stay ahed of the game
Deloitte stay ahed of the gameDeloitte stay ahed of the game
Deloitte stay ahed of the game
 
Securing the Digital Future
Securing the Digital FutureSecuring the Digital Future
Securing the Digital Future
 
Cognizant Making AI Real with Microsoft
Cognizant Making AI Real with MicrosoftCognizant Making AI Real with Microsoft
Cognizant Making AI Real with Microsoft
 
Better Business Outcomes with Big Data Analytics
Better Business Outcomes with Big Data AnalyticsBetter Business Outcomes with Big Data Analytics
Better Business Outcomes with Big Data Analytics
 
Cybersecurity report-vol-8
Cybersecurity report-vol-8Cybersecurity report-vol-8
Cybersecurity report-vol-8
 
The Digital Talent Gap: Are Companies Doing Enough?
The Digital Talent Gap: Are Companies Doing Enough?The Digital Talent Gap: Are Companies Doing Enough?
The Digital Talent Gap: Are Companies Doing Enough?
 
Use AI to Build Member Loyalty as Medicare Eligibility Dates Draw Near
Use AI to Build Member Loyalty as Medicare Eligibility Dates Draw NearUse AI to Build Member Loyalty as Medicare Eligibility Dates Draw Near
Use AI to Build Member Loyalty as Medicare Eligibility Dates Draw Near
 
Gartner eBook on Big Data
Gartner eBook on Big DataGartner eBook on Big Data
Gartner eBook on Big Data
 
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationHow Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
 
Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise Digital trust and cyber challenge now extends beyond the Enterprise
Digital trust and cyber challenge now extends beyond the Enterprise
 
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
 
Turning AI into Concrete Value: The Successful Implementers' Toolkit
Turning AI into Concrete Value: The Successful Implementers' ToolkitTurning AI into Concrete Value: The Successful Implementers' Toolkit
Turning AI into Concrete Value: The Successful Implementers' Toolkit
 
Shared Service Centers: Risks & Rewards in the Time of Coronavirus
Shared Service Centers: Risks & Rewards in the Time of CoronavirusShared Service Centers: Risks & Rewards in the Time of Coronavirus
Shared Service Centers: Risks & Rewards in the Time of Coronavirus
 
7 Experts on Transforming Customer Experience with Data Insights (1)
7 Experts on Transforming Customer Experience with Data Insights (1)7 Experts on Transforming Customer Experience with Data Insights (1)
7 Experts on Transforming Customer Experience with Data Insights (1)
 
Mayfield CXO Survey: Post COVID-19 Impacts to IT
Mayfield CXO Survey: Post COVID-19 Impacts to ITMayfield CXO Survey: Post COVID-19 Impacts to IT
Mayfield CXO Survey: Post COVID-19 Impacts to IT
 
Insuring your future: Cybersecurity and the insurance industry
Insuring your future: Cybersecurity and the insurance industryInsuring your future: Cybersecurity and the insurance industry
Insuring your future: Cybersecurity and the insurance industry
 
ACCA Smart Finance Series - Trust in the Digital Age Presented by PwC
ACCA Smart Finance Series - Trust in the Digital Age Presented by PwCACCA Smart Finance Series - Trust in the Digital Age Presented by PwC
ACCA Smart Finance Series - Trust in the Digital Age Presented by PwC
 

Similar a Digital economy and its effect on cyber risk

Cover and CyberSecurity Essay
Cover and CyberSecurity EssayCover and CyberSecurity Essay
Cover and CyberSecurity EssayMichael Solomon
 
CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!topseowebmaster
 
Client Briefing - Better information leads to better cyber coverage
Client Briefing - Better information leads to better cyber coverageClient Briefing - Better information leads to better cyber coverage
Client Briefing - Better information leads to better cyber coverageChris Beh
 
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital AssetsDefensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assetscyberprosocial
 
How to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdfHow to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdfMetaorange
 
How to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptxHow to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptxMetaorange
 
Approaches to Cyber Resilience and Supply Chain Assurance
Approaches to Cyber Resilience and Supply Chain AssuranceApproaches to Cyber Resilience and Supply Chain Assurance
Approaches to Cyber Resilience and Supply Chain AssuranceLeonardo
 
Aftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
Aftab Hasan Speaking at Cyber Security in Banking Conference - DubaiAftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
Aftab Hasan Speaking at Cyber Security in Banking Conference - DubaiAftab Hasan
 
A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveDawn Yankeelov
 
Contents lists available at ScienceDirectJournal of Accoun
Contents lists available at ScienceDirectJournal of AccounContents lists available at ScienceDirectJournal of Accoun
Contents lists available at ScienceDirectJournal of AccounAlleneMcclendon878
 
Cyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditCyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditNationalUnderwriter
 
Cyber Insurance Temp
Cyber Insurance TempCyber Insurance Temp
Cyber Insurance TempRohan Sehgal
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...International Federation of Accountants
 
The Growing Significance of Cybersecurity
The Growing Significance of CybersecurityThe Growing Significance of Cybersecurity
The Growing Significance of CybersecurityGaurishChauhan
 
eCrime-report-2011-accessible
eCrime-report-2011-accessibleeCrime-report-2011-accessible
eCrime-report-2011-accessibleCharmaine Servado
 
GramaxCybersec_Cybersecurity Trends 2024.pdf
GramaxCybersec_Cybersecurity Trends 2024.pdfGramaxCybersec_Cybersecurity Trends 2024.pdf
GramaxCybersec_Cybersecurity Trends 2024.pdfGramax Cybersec
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...TraintechTde
 
Strengthening Supply Chain Security Against Cyber-Attacks.pdf
Strengthening Supply Chain Security Against Cyber-Attacks.pdfStrengthening Supply Chain Security Against Cyber-Attacks.pdf
Strengthening Supply Chain Security Against Cyber-Attacks.pdfEnterprise Insider
 
Debunking Myths for Cyber-Insurance
Debunking Myths for Cyber-InsuranceDebunking Myths for Cyber-Insurance
Debunking Myths for Cyber-InsurancePriyanka Aash
 

Similar a Digital economy and its effect on cyber risk (20)

Cover and CyberSecurity Essay
Cover and CyberSecurity EssayCover and CyberSecurity Essay
Cover and CyberSecurity Essay
 
CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!
 
Client Briefing - Better information leads to better cyber coverage
Client Briefing - Better information leads to better cyber coverageClient Briefing - Better information leads to better cyber coverage
Client Briefing - Better information leads to better cyber coverage
 
Digital Insurance
Digital InsuranceDigital Insurance
Digital Insurance
 
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital AssetsDefensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
 
How to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdfHow to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdf
 
How to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptxHow to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptx
 
Approaches to Cyber Resilience and Supply Chain Assurance
Approaches to Cyber Resilience and Supply Chain AssuranceApproaches to Cyber Resilience and Supply Chain Assurance
Approaches to Cyber Resilience and Supply Chain Assurance
 
Aftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
Aftab Hasan Speaking at Cyber Security in Banking Conference - DubaiAftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
Aftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
 
A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate Perspective
 
Contents lists available at ScienceDirectJournal of Accoun
Contents lists available at ScienceDirectJournal of AccounContents lists available at ScienceDirectJournal of Accoun
Contents lists available at ScienceDirectJournal of Accoun
 
Cyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditCyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
 
Cyber Insurance Temp
Cyber Insurance TempCyber Insurance Temp
Cyber Insurance Temp
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
 
The Growing Significance of Cybersecurity
The Growing Significance of CybersecurityThe Growing Significance of Cybersecurity
The Growing Significance of Cybersecurity
 
eCrime-report-2011-accessible
eCrime-report-2011-accessibleeCrime-report-2011-accessible
eCrime-report-2011-accessible
 
GramaxCybersec_Cybersecurity Trends 2024.pdf
GramaxCybersec_Cybersecurity Trends 2024.pdfGramaxCybersec_Cybersecurity Trends 2024.pdf
GramaxCybersec_Cybersecurity Trends 2024.pdf
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
 
Strengthening Supply Chain Security Against Cyber-Attacks.pdf
Strengthening Supply Chain Security Against Cyber-Attacks.pdfStrengthening Supply Chain Security Against Cyber-Attacks.pdf
Strengthening Supply Chain Security Against Cyber-Attacks.pdf
 
Debunking Myths for Cyber-Insurance
Debunking Myths for Cyber-InsuranceDebunking Myths for Cyber-Insurance
Debunking Myths for Cyber-Insurance
 

Más de aakash malhotra

Evolving Technology Trends Is your bank ready for tomorrow?
Evolving Technology Trends Is your bank ready for tomorrow?Evolving Technology Trends Is your bank ready for tomorrow?
Evolving Technology Trends Is your bank ready for tomorrow?aakash malhotra
 
In-deloitte-tech-trends-2023-noexp.pdf11
In-deloitte-tech-trends-2023-noexp.pdf11In-deloitte-tech-trends-2023-noexp.pdf11
In-deloitte-tech-trends-2023-noexp.pdf11aakash malhotra
 
DeIoitte_The-future-of-work-in-technology.
DeIoitte_The-future-of-work-in-technology.DeIoitte_The-future-of-work-in-technology.
DeIoitte_The-future-of-work-in-technology.aakash malhotra
 
Toward True Organizational Resilience | Deloitte’s Global Resilience Report
Toward True Organizational Resilience | Deloitte’s Global Resilience ReportToward True Organizational Resilience | Deloitte’s Global Resilience Report
Toward True Organizational Resilience | Deloitte’s Global Resilience Reportaakash malhotra
 
Risk Advisory’s new narrative Mitigate risks effectively
Risk Advisory’s new narrative Mitigate risks effectivelyRisk Advisory’s new narrative Mitigate risks effectively
Risk Advisory’s new narrative Mitigate risks effectivelyaakash malhotra
 
India Banking Fraud Survey Edition IV - Deloitte
India Banking Fraud Survey Edition IV - DeloitteIndia Banking Fraud Survey Edition IV - Deloitte
India Banking Fraud Survey Edition IV - Deloitteaakash malhotra
 
Sustainability perspectives Key insights
Sustainability perspectives Key insightsSustainability perspectives Key insights
Sustainability perspectives Key insightsaakash malhotra
 
Global_Resilience_report_October_2022_wc.pdf
Global_Resilience_report_October_2022_wc.pdfGlobal_Resilience_report_October_2022_wc.pdf
Global_Resilience_report_October_2022_wc.pdfaakash malhotra
 
in-ra-service-brochure-December-23-noexp.pdf
in-ra-service-brochure-December-23-noexp.pdfin-ra-service-brochure-December-23-noexp.pdf
in-ra-service-brochure-December-23-noexp.pdfaakash malhotra
 
Yearly Status of School Education in states and union territories of India - ...
Yearly Status of School Education in states and union territories of India - ...Yearly Status of School Education in states and union territories of India - ...
Yearly Status of School Education in states and union territories of India - ...aakash malhotra
 
Annual Status of Higher Education (ASHE), 2023 In states and union territorie...
Annual Status of Higher Education (ASHE), 2023 In states and union territorie...Annual Status of Higher Education (ASHE), 2023 In states and union territorie...
Annual Status of Higher Education (ASHE), 2023 In states and union territorie...aakash malhotra
 
in-deloitte-tech-trends-2023-noexp.pdf
in-deloitte-tech-trends-2023-noexp.pdfin-deloitte-tech-trends-2023-noexp.pdf
in-deloitte-tech-trends-2023-noexp.pdfaakash malhotra
 
2025 banking and capital markets outlook
2025 banking and capital markets outlook2025 banking and capital markets outlook
2025 banking and capital markets outlookaakash malhotra
 
gx-er-corporate-procurement-renewable-energy-report.pdf
gx-er-corporate-procurement-renewable-energy-report.pdfgx-er-corporate-procurement-renewable-energy-report.pdf
gx-er-corporate-procurement-renewable-energy-report.pdfaakash malhotra
 
in-tax-Deloitte-Pre-budget-study-2023.pptx
in-tax-Deloitte-Pre-budget-study-2023.pptxin-tax-Deloitte-Pre-budget-study-2023.pptx
in-tax-Deloitte-Pre-budget-study-2023.pptxaakash malhotra
 
in-union-budget-2023-detailed-analysis-noexp.pdf
in-union-budget-2023-detailed-analysis-noexp.pdfin-union-budget-2023-detailed-analysis-noexp.pdf
in-union-budget-2023-detailed-analysis-noexp.pdfaakash malhotra
 
Keeping an eagle eye on two ‘I’s will be imperative–Inflation and INR
Keeping an eagle eye on two ‘I’s will be imperative–Inflation and INRKeeping an eagle eye on two ‘I’s will be imperative–Inflation and INR
Keeping an eagle eye on two ‘I’s will be imperative–Inflation and INRaakash malhotra
 
5G – Enable, elevate, and emerge Digitalising us to infinity and beyond
5G – Enable, elevate, and emerge Digitalising us to infinity and beyond5G – Enable, elevate, and emerge Digitalising us to infinity and beyond
5G – Enable, elevate, and emerge Digitalising us to infinity and beyondaakash malhotra
 
The trade landscape, as we know it, is changing: Is India prepared?
The trade landscape, as we know it, is changing: Is India prepared?The trade landscape, as we know it, is changing: Is India prepared?
The trade landscape, as we know it, is changing: Is India prepared?aakash malhotra
 

Más de aakash malhotra (20)

Evolving Technology Trends Is your bank ready for tomorrow?
Evolving Technology Trends Is your bank ready for tomorrow?Evolving Technology Trends Is your bank ready for tomorrow?
Evolving Technology Trends Is your bank ready for tomorrow?
 
In-deloitte-tech-trends-2023-noexp.pdf11
In-deloitte-tech-trends-2023-noexp.pdf11In-deloitte-tech-trends-2023-noexp.pdf11
In-deloitte-tech-trends-2023-noexp.pdf11
 
DeIoitte_The-future-of-work-in-technology.
DeIoitte_The-future-of-work-in-technology.DeIoitte_The-future-of-work-in-technology.
DeIoitte_The-future-of-work-in-technology.
 
Toward True Organizational Resilience | Deloitte’s Global Resilience Report
Toward True Organizational Resilience | Deloitte’s Global Resilience ReportToward True Organizational Resilience | Deloitte’s Global Resilience Report
Toward True Organizational Resilience | Deloitte’s Global Resilience Report
 
Risk Advisory’s new narrative Mitigate risks effectively
Risk Advisory’s new narrative Mitigate risks effectivelyRisk Advisory’s new narrative Mitigate risks effectively
Risk Advisory’s new narrative Mitigate risks effectively
 
India Banking Fraud Survey Edition IV - Deloitte
India Banking Fraud Survey Edition IV - DeloitteIndia Banking Fraud Survey Edition IV - Deloitte
India Banking Fraud Survey Edition IV - Deloitte
 
Sustainability perspectives Key insights
Sustainability perspectives Key insightsSustainability perspectives Key insights
Sustainability perspectives Key insights
 
Global_Resilience_report_October_2022_wc.pdf
Global_Resilience_report_October_2022_wc.pdfGlobal_Resilience_report_October_2022_wc.pdf
Global_Resilience_report_October_2022_wc.pdf
 
in-ra-service-brochure-December-23-noexp.pdf
in-ra-service-brochure-December-23-noexp.pdfin-ra-service-brochure-December-23-noexp.pdf
in-ra-service-brochure-December-23-noexp.pdf
 
Yearly Status of School Education in states and union territories of India - ...
Yearly Status of School Education in states and union territories of India - ...Yearly Status of School Education in states and union territories of India - ...
Yearly Status of School Education in states and union territories of India - ...
 
Annual Status of Higher Education (ASHE), 2023 In states and union territorie...
Annual Status of Higher Education (ASHE), 2023 In states and union territorie...Annual Status of Higher Education (ASHE), 2023 In states and union territorie...
Annual Status of Higher Education (ASHE), 2023 In states and union territorie...
 
in-deloitte-tech-trends-2023-noexp.pdf
in-deloitte-tech-trends-2023-noexp.pdfin-deloitte-tech-trends-2023-noexp.pdf
in-deloitte-tech-trends-2023-noexp.pdf
 
2025 banking and capital markets outlook
2025 banking and capital markets outlook2025 banking and capital markets outlook
2025 banking and capital markets outlook
 
gx-er-corporate-procurement-renewable-energy-report.pdf
gx-er-corporate-procurement-renewable-energy-report.pdfgx-er-corporate-procurement-renewable-energy-report.pdf
gx-er-corporate-procurement-renewable-energy-report.pdf
 
GST on Online Gaming
GST on Online GamingGST on Online Gaming
GST on Online Gaming
 
in-tax-Deloitte-Pre-budget-study-2023.pptx
in-tax-Deloitte-Pre-budget-study-2023.pptxin-tax-Deloitte-Pre-budget-study-2023.pptx
in-tax-Deloitte-Pre-budget-study-2023.pptx
 
in-union-budget-2023-detailed-analysis-noexp.pdf
in-union-budget-2023-detailed-analysis-noexp.pdfin-union-budget-2023-detailed-analysis-noexp.pdf
in-union-budget-2023-detailed-analysis-noexp.pdf
 
Keeping an eagle eye on two ‘I’s will be imperative–Inflation and INR
Keeping an eagle eye on two ‘I’s will be imperative–Inflation and INRKeeping an eagle eye on two ‘I’s will be imperative–Inflation and INR
Keeping an eagle eye on two ‘I’s will be imperative–Inflation and INR
 
5G – Enable, elevate, and emerge Digitalising us to infinity and beyond
5G – Enable, elevate, and emerge Digitalising us to infinity and beyond5G – Enable, elevate, and emerge Digitalising us to infinity and beyond
5G – Enable, elevate, and emerge Digitalising us to infinity and beyond
 
The trade landscape, as we know it, is changing: Is India prepared?
The trade landscape, as we know it, is changing: Is India prepared?The trade landscape, as we know it, is changing: Is India prepared?
The trade landscape, as we know it, is changing: Is India prepared?
 

Último

RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataExhibitors Data
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Centuryrwgiffor
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Sheetaleventcompany
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfAdmir Softic
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...daisycvs
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceDamini Dixit
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...lizamodels9
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1kcpayne
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptxnandhinijagan9867
 
PHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation FinalPHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation FinalPanhandleOilandGas
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...amitlee9823
 
Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024Marel
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityEric T. Tung
 
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceEluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceDamini Dixit
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangaloreamitlee9823
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperityhemanthkumar470700
 

Último (20)

RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investors
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
PHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation FinalPHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation Final
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
 
Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceEluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperity
 

Digital economy and its effect on cyber risk

  • 1. 1 Unlocking the Value of Cyber Insurance Private and confidential 2020
  • 2.
  • 3. Digital economy and its affect of cyber risk 4 What is cyber insurance? 6 Need for cyber insurance 7 Challenges faced by organisations buying cyber insurance 8 Measures to keep insurance premium low or select right insurance 10 How can we help? 16 Key contacts 18 Contents
  • 4. 4 Digital economy and its effect on cyber risk The business and technology innovations that organisations are adopting in their quest for growth, innovation, and cost optimisation, present heightened levels of cyber risks. Such innovations most likely introduce new vulnerabilities and complexities into the organisation’s ecosystem making them more susceptible to cyberattacks. Recent cyberattacks indicate that cyber breaches are inevitable and can be extremely harmful. Cyber breaches can lead to tangible costs, brand degradation, and changes in consumer behaviour. Cyberattack is inevitable It’s not a question of “whether” it will happen, but “when”. Unlocking the value of cyber insurance | Digital economy and its affect of cyber risk Source: Gartner, “Innovation Insight for Security Rating Services”, Sam Olyaei, Christopher Ambrose, Jeffrey Wheatman, 27 July 2018
  • 5. 5 Unlocking the value of cyber insurance | Digital economy and its affect of cyber risk
  • 6. 6 Cyber insurance is an insurance product designed to help businesses hedge against cyber risks, such as data breaches, cybercrimes including malware, ransomware, distributed denial-of-service (DDoS) attacks, or any other method used to compromise a network, intellectual property, and privacy or confidential information. What is cyber insurance? Unlocking the value of cyber insurance | What is cyber insurance?
  • 7. 7 Need for cyber insurance Cyber insurance has become popular as a cyber-risk mitigation measure. Although insurance is a lucrative option to cover cyber risks, businesses need to understand that the insurance premium is directly proportional to their cyber security preparedness. Hence, cyber insurance cannot be treated as a risk transfer mechanism. Key drivers for cyber insurance include the following: • Rising digitalisation of businesses due to adoption of cloud, mobile, social media and Internet of Things (IoT), thus, expanding the threat landscape • Evolving threat landscape, with the recent ransomware/malware attacks, targeting various sectors • Increasing awareness on cyber security • Drafting of India’s Personal Data Protection Bill 2019 and apprehensions around implications of the General Data Protection Regulation (GDPR) The rise of coronavirus identified the need that enterprises must increase corporate resilience and help ensure community well-being by embracing virtual collaboration tools and practices. Recently, your organisation may have decided—to perform all work virtually in response to the spread of the virus. • What does this mean for your business? • Is this a short-term anomaly or a long- term trend? • How does your organisation continue to work and create value in this new environment? • Does this require you to change your operating model? • Does the change expose you to additional cyber risks? Cyber insurance can complement an organisation’s active security measures by providing insurance coverage in three broad areas: • Liability for loss or breach of data • Remediation costs associated with forensic investigations, notification to affected parties, etc., to respond to a breach • Regulatory fines and penalties as well as associated settlement costs However, cyber insurance cannot provide the following: • Protection from reputational risk – A monetary claim can be awarded for an information security breach, but the insurance carrier cannot repair the damage to an organisation’s brand. • Removal of risk – Insurance, whether cyber or otherwise, provides an organisation with the opportunity to transfer risk, but not remove it. • Replacement for an information security programme – Strong security controls and a comprehensive information security programme are the prerequisites for purchasing cyber insurance. Cyber insurance can replace such controls and programmes, but cannot bring back the original files. “Cyber insurance is only one element of risk management and it will never be able to remove cyber risk entirely” Unlocking the value of cyber insurance | Need for cyber insurance
  • 8. Unlocking the value of cyber insurance | Challenges faced by organisations buying cyber insurance 8
  • 9. 9 Challenges faced by organisations buying cyber insurance Dearth of data leaves insurers in the dark and buyers with higher premiums The buyers are reluctant on sharing data that can help insurers evaluate risks and this dearth of data leaves insurers in the dark.Hence, lack of actuarial data on cyberattacks inhibits robust risk assessment. This often leads to unrealistic or exorbitant cyber insurance premiums, which further alienates a potential buyer. Buyers often don’t understand cyber risks or their insurance coverage options Although the level of cyber risk awareness and senior management’s attention to cyber security is increasing, there appears to be a gap in terms of translating cyber risk into estimates of potential losses, which would normally be a prerequisite to any decision on the purchase of insurance coverage. Due to lack of understanding of financial exposure, many companies take insurance purchase decisions based on industry benchmarking (i.e., the insurance amount the companies’ competitor has bought) rather than assessing the actual needs. Since the description of coverage terms, conditions, and exclusions are not standardised in cyber policies: • Coverage is often written via customised policies, resulting in varied terminology from different insurance providers. • Similar products from different providers have varied features, thus challenging value and price comparisons. Cyberattacks keep evolving and new risks keep emerging Inherent volatility of ever- evolving cyber risk limits the value of historical experience and undermines predictability. The damages because of cyber extortion, reputational loss, and rapidly evolving data and privacy landscape make quantification of comprehensiveness and adequacy of cover difficult. Cyber risk is spread over a wide range of coverages: Cyber risk may be included in many different policies Complicates efforts to assess coverage needs, match policies with exposures, and compare alternatives Challenges buyers and their intermediaries to figure out the best place to put coverage for cyber-related expenses Exposures evolve as new risks emerge Exacerbates buyer uncertainty over what coverage they need versus what they may already have in existing policies Claims litigation uncertainties Since claims and disputes of cyber coverage have not reached critical audience yet, there is lack of references that leaving the buyers uncertain over success ratio of the claims settlement process. The buyers fear potential gaps in coverage within a policy or among multiple policies addressing cyber risk. Language may be subject to interpretation, even litigation, when an event occurs. The buyers will not realise what is not covered until after they file a claim. Despite a promising market opportunity and clear coverage needs, various buyers are hesitant in buying these insurances. Some of the challenges the organisations face include the following: Unlocking the value of cyber insurance | Challenges faced by organisations buying cyber insurance 1 2 3 4
  • 10. 10 Measures to keep insurance premium low or select right insurance I. Maintain a healthy security posture Insurers typically rely on cyber risk assessments to evaluate the cyber exposure of the buyer. Hence, organisations need to develop a robust cyber-risk assessment mechanism to understand and evaluate cyber exposure. Although 100 percent security is impossible, organisations can implement a number of risk treatment measures for prevention, detection, and response activities to keep cyber risks at an acceptable level by developing a sound approach for risk management. While the traditional cyber defense mechanisms help in thwarting conventional attacks, the future attacks will need an all-encompassing strategy. The following ten design principles aim to provide possible amalgamations of traditional and futuristic resilience risk mitigation strategies to the organisations: Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance
  • 11. 11 1. Board involvement in information security programme oversight A well-informed board with a clear understanding of cyber risks focuses on information security throughout the organisation. Hence, encourages the management and the employees to be more proactive in managing cyber risks, thus lowering claims frequency and the amount of data loss. 2. A robust cyber risk management programe A sound cyber risk programme is an integral element of business success. While being secure is more important than ever, Deloitte puts an emphasis on the need to be constantly vigilant and resilient in the face of shifting cyber threats. 3. A capable security operations center (SOC) Insurers will reduce premiums if an organisation demonstrates implementation of a robust cyber risk monitoring programe in the form of a cyber-SOC (C-SOC) setup using advanced infrastructure, and is operated by a team of dedicated cyber security professionals providing 24x7 service. An intelligent C-SOC can provide a number of services including external threat intelligence and capabilities to respond to cyber incidents. 4. Seeking security audit reports and demarcating security responsibilities Implement three lines of defense model comprising the following: • First line of defense includes functions that own and manage risk. • Second line of defense includes functions that oversee or specialise in risk management, and compliance. • Third line of defense includes functions that provide independent assurance, above all internal audit. 5. Managing third party risks Some insurance companies require annual external assessments. Recent history gives examples of most breaches that happened due to the weak security controls implemented at vendors, third parties, or at business partners’ end (who had access to the systems or data). Hence, it is important to assess resilience and security capabilities of critical third parties and vendors periodically. 6. Data backup and restoration A pre-defined backup schedule and a strategy indicating what to back up, when to back up, and on which medium to back up, prove to be a highly effective recovery strategy. The data backup strategy should mandate periodic restoration checks to ascertain data quality, integrity, and usability. Recent ransomware attacks have exposed an intrinsic vulnerability in IT-DR, whereby the ransomware infection has inadvertently infected the data and application instances replicated in the DR, thereby rendering it useless. Golden Data Copy is a clean back-up copy created, in addition to the data replicated at the DR, and is maintained in an air- gapped environment. 7. Business Continuity with security Recent COVID-19 pandemic has highlighted the need to strengthen remote access, as people cannot travel to their office locations. Remote working has become the new norm and is going to be ubiquitous, thereby extending the organisation’s perimeter and increasing the attack surface. Leveraging various collaborative tools for video conferencing, online meetings, workspace sharing have led to sharing of highly confidential and personal information, which otherwise was not accessible over the Internet. Hence, the risk of data leakage or hack has increased exponentially. While remote working could save many lives in a pandemic scenario, if adopted as a new business norm increases the risk to the organisation, which needs to be managed and hence, cyber insurance would be the key to manage this increased risk. It may be time for corporates to look at cyber insurance, and for individuals to protect their information when working from home and executing digital transactions. 8. Integrating chaos engineering into the vulnerability testing programme Traditional vulnerability programmes are limited to the defined periodicity, scope, and application boundaries. Chaos engineering performs ongoing resilience testing by orchestrating unexpected failures and assessing the system’s ability to recover from the outage using designed controls. 9. Skilled responders and cyber aware organisation Trained, skilled, and experienced responders determine an organisation’s capability to thwart sophisticated cyberattacks that originate from highly motivated and well-funded cyber criminals. 10. Compliance with legal and regulatory requirements Organisations must manage the compliance and mandates from regulations within their industry, ensuring they are audited regularly. Identifying and complying with legal, regulatory, and contractual obligations concerning cyber security and resilience are fundamental to any cyber risk management programme. A formalized cyber risk management program is a prerequisite. Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance
  • 12. 12 II. Maintain a good cyber security rating score To understand the importance of a good cyber security rating score, it is necessary to understand how insurers assess cyber risks and take underwriting decisions. While traditional techniques, such as questionnaire- based assessments are still effective, such assessments are time consuming, expensive and provide a point in time snapshot of performance. Many insurance companies have entered into partnerships with information technology firms to improve their access to cyber incidents. Solutions are available within market, which perform data analysis based on company performance and provide comprehensive reports including historical data and comparisons with industry benchmarks. Using such objective analysis, insurers take informed underwriting decisions. Organisations need to use these cyber security rating solutions and monitor their cyber security rating score. Such solutions report security flaws, contextualize, and prioritise the risk information they collect so that organisations can allocate resources strategically and mitigate risks. Some of the key features offered by these cyber risk rating solutions include the following: • Functionality to collect and analyse data from surface, deep, and dark web channels • Capabilities to perform entity attribution and risk analysis of organisations worldwide • A consistent rating methodology to generate cyber risk scores dynamically • A clear focus on third-party cyber-risk use cases serving multiple industries Cyber risk rating services do not replace traditional security posture assessments, but rather supplement them. A formalised cyber risk management programme is a prerequisite. “By 2022, cybersecurity ratings will become as important as credit ratings when assessing the risk of business relationships.” Source: Gartner, “Innovation Insight for Security Rating Services”, Sam Olyaei, Christopher Ambrose, Jeffrey Wheatman, 27 July 2018 Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance
  • 13. Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance 13
  • 14. 14 III. Evaluate and compare cyber insurance policies on key considerations Buyers considering cyber insurance need to practice due care and diligence, regardless of the insurance coverage and should be aware about protocols related to forensics and evidence management for honouring the claim after a cyberattack. Some critical considerations that a buyer must make when selecting a cyber insurance policy include the following: Understand your organisation’s risk exposure Evaluate your current cyber risk exposure to understand the type and amount of cyber insurance coverage required. In certain areas, where controls are well established and routinely tested, coverage may not be required. Risk exposure is based on multiple factors. Some of the factors include the following: • The type and context of information transacted and retained • Risks of hazard to the affected individual • The security level of mobile devices carrying sensitive data • The encryption level of sensitive data at rest and in motion • Interruption to business for usual operations • Loss arising from virus/malware attack, introduction of malicious code or unauthorised access leading to data breach • Cost of rebuilding data during acts of vandalism • Fraudulent transactions undertaken due to security breach arising out of cyberattacks (including social engineering) Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance
  • 15. 15 • Cyber extortion or threat leading to ransom payment • Loss arising from unauthorised data alternation or stealing of data (including social engineering attacks) • Loss due to network disruption or business interruption Adequacy of coverage based on cost of data breach Adequacy of coverage needs to factor not only risk exposure of the organisation but also the cost of data breach. Some of the typical costs incurred by an organisation dusring a data breach include the following: • Cost of computer forensic investigation • Cost of civil litigations and criminal investigation • Crisis management and customer notification expenses • Liability arising out of personal and corporate data breach • Liability arising out of outsourced activities • Liability arising out of disparagement of products and services, defamation and infringement of intellectual property rights • Defense cost for litigations and in connection with proceedings brought about by regulators • Coverage for regulatory fines and penalties Understand policy complexities There is a variety of insurance policies available, often requiring a rigorous underwriting process. Spend time upfront understanding the preconditions that must be met to obtain insurance. It is also important to understand any policy exclusions to make sure that you can take advantage of the coverage you will be paying for. Understand the claims’ process up front Not all cyber claims are treated equally. Understand what is required to file a claim and make sure you can satisfy these requirements before purchasing insurance. During an incident, insurers often require organisations to execute a formal incident response process— including maintaining logs, emails, forensic scans, and other evidence—using methods that preserve the integrity of the evidence. Balance the cost of premium and implementation of security controls While insurance policies may assist in transferring risk, organisations should analyse cost benefits to determine the appropriateness of investing in cyber insurance coverage. Remember Cyber insurance is for mitigating risks that cannot be addressed in-house. Cyber insurance products are no replacement for a robust information security programme. Organisations should first develop mature information security programmes and an understanding of the total cost of their cyber risk. The insurance constitutes as a significant element of risk management (i.e., risk transfer) that can help organisations manage cyber risk. Unlocking the value of cyber insurance | Measures to keep insurance premium low or select right insurance
  • 16. 16 Unlocking the value of cyber insurance | How can we help?
  • 17. 17 How can we help? • How to select an appropriate insurance policy? • What type of coverage should my organisation get? • What residual risks does my organisation face with our current cyber insurance? Deloitte can assist clients in executing a cyber insurance focused risk assessment to answer the following questions: Risk assessment Security and privacy breaches Forensic investigation Cyber insurance key components Cyber insurance coverage Crisis management Loss of income Business interruption Regulatory response Credit monitoring Network intrusion Understanding claims Policy selection Policy exclusion analysis Incident response Managing claims Controls gap analysis Provider analysis CYBER INSURANCE Unlocking the value of cyber insurance | How can we help?
  • 18. 18 ROHIT MAHAJAN President | Risk Advisory rmahajan@deloitte.com SHREE PARTHASARATHY Partner | Cyber Leader sparthasarathy@deloitte.com ANAND VENKATRAMAN Partner anandv@deloitte.com DEEPA SESHADRI Partner deseshadri@deloitte.com GAUTAM KAPOOR Partner gkapoor@deloitte.com Key Contacts Unlocking the value of cyber insurance | Key contacts
  • 19. 19
  • 20. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see www. deloitte.com/about for a more detailed description of DTTL and its member firms. This material is prepared by Deloitte Touche Tohmatsu India LLP (DTTILLP). This material (including any information contained in it) is intended to provide general information on a particular subject(s) and is not an exhaustive treatment of such subject(s) or a substitute to obtaining professional services or advice. This material may contain information sourced from publicly available information or other third party sources. DTTILLP does not independently verify any such sources and is not responsible for any loss whatsoever caused due to reliance placed on information sourced from such sources. None of DTTILLP, Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the “Deloitte Network”) is, by means of this material, rendering any kind of investment, legal or other professional advice or services. You should seek specific advice of the relevant professional(s) for these kind of services. This material or information is not intended to be relied upon as the sole basis for any decision which may affect you or your business. Before making any decision or taking any action that might affect your personal finances or business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person or entity by reason of access to, use of or reliance on, this material. By using this material or any information contained in it, the user accepts this entire notice and terms of use. ©2020 Deloitte Touche Tohmatsu India LLP. Member of Deloitte Touche Tohmatsu Limited