Today’s Cyber and IT workshop promises to provide practical tips for monitoring and responding to the growing risk of cyber attack


There is no doubt that cyber attacks are a growing concern for businesses and governments. Headlines this year have brought the world’s attention to a host of state-sponsored criminality and espionage, large-scale organised cyber crime, and other malicious cyber attacks.

In March for example, South Korean broadcasters and banks suffered a cyber attack that saw 50,000 computers and servers shut down. The initial investigation pointed to a North Korean military spy agency as the culprit.

In the same month, the global community was hit by what has been described by security experts as the “largest cyber attack of its kind in history”. It resulted in a slowdown of internet speeds around the world and arose out of a row between anti-spam organisation Spamhaus and a Dutch web-hosting firm.

Equally as worrying is the economic impact. Losses from such crimes amount to anything between $300bn (€222bn) and $1trn (€740bn) in annual global losses, according to a 2013 report by computer security firm McAfee.

All businesses however big or small are vulnerable to an attack, according to security experts – and how to deal with such attacks forms part of Ferma’s cyber and IT workshops.

Ferma vice-president and director of risk management and insurance at DLA Piper Julia Graham, one of four panellists at this afternoon’s workshop, says: “The world that we’re living in has changed and so has the risk landscape. Governments and organisations are increasingly aware that cyber attacks are a case of ‘when’ and not ‘if ’. And when it does happen, businesses need to have an eff ective plan to respond to it. So part of the workshop today will look at building a system for monitoring and the response with regards to cyber attacks.”

The financial impact of such crimes on businesses will also be up for further discussion. Panellist Kevin Kalinich, Aon’s global practice leader in cyber/network risk, will focus more on this. He says: “My focus at the workshop will not be limited to IT security breaches, but will also include employee mistakes and social conditioning, and how such incidences affect every type of organisation in every industry, small, medium and large, looking also at the economical impact and measurable losses.

“What we do is design a road map to determine what those [financial] implications are. Mapping the financial fallout isn’t as simple as just looking at the risk profile of a company, such as size and industry. More important is the methodology by which companies implement new technologies and information assets, for instance.

“There are many more questions to ask: how much of your information technology do you incorporate in-house versus how much is outsourced to a third-party vendor? Do you host your own servers? Or do you have outsourced third-party providers such as cloud computing and big-data analytics providers? These are the type of areas that could also cause financial losses.

“Our approach is not limited to say ‘go out and buy cyber insurance’, but instead to let us help you identify how your new technology is changing your risk profile’.”

Cyber risk – not just a domain for IT is taking place on 1 October, 14:00 to 15:15 in room 2.1