According to the Allianz Risk Barometer 2016 report, cyber incidents (IT failures, data breaches and cyber crime) are emerging as the top future risk to business reputation across the globe. This was supported by the findings of the annual BCI Horizon Scan report released in early February.
The BCI report found that 85% of business continuity managers fear the possibility of a cyber attack, with most also worried about the effects of unplanned IT outages and data breaches. It identified cyber attacks as the number one biggest threat to companies for the second consecutive year.
Businesses worldwide have good reason to worry. The Grant Thornton 2015 International Business Report (IBR) found that cyber attacks cost businesses globally at least $US 315 billion during 2014-15. However, despite the financial and reputational risks of a cyber incident, many companies still do not have any strategies or procedures in place.
As with any type of crisis, being prepared through the implementation of strategies and plans can significantly reduce the risk of a crisis disrupting business operations or tarnishing business reputation. Paul Jacobs, the Global Leader of Cyber Security at Grant Thornton explained that cyber attacks whilst they pose a serious financial threat also have the potential to significantly damage reputation if they undermine customer confidence. He stated that “despite this, nearly half of firms still lack a strategy to deal with a cyber threat”.
Jens Krickhahn, Practice Leader of Financial Lines at Allianz also confirms that cyber risk needs to be an essential part of any company’s crisis management plan – especially since a lot of companies “only recognize the loss (of reputation/finance) when an attack has already occurred”.
The Allianz Risk Barometer Report recommends that businesses implement cyber risk plans to reduce the impact of cyber incidents on business operations and reputation. Identifying potential cyber risks within the business such as human error, overreliance on third party providers or IT failure can assist a company in being better prepared when they occur.
Preparedness is crucial for any type of crisis. It is especially important for a crisis that poses significant threats to business operations, financial gains and business reputation such as cyber incidents. As Mary Galligan, director of Cyber Risk Services at Deloitte & Touche LLP, points out responses to cyber incidents “should start long before an attack occurs, with preparation and a focus on resilience”.
Briggs Communications specialises in creating incident response and crisis management plans for businesses. We can help your business prepare for and manage a cyber incident. Contact us today for your free consultation.