GENEVA – Organizations must dramatically improve their response to cyber risks to avoid a new global shock on the scale of the financial crisis that rocked the world in 2008, a study showed Tuesday.
Zurich Insurance said in a statement that even cyber security professionals did not have a clear overview of all the interconnected risks organizations can face. The Swiss insurance group, which has produced a report on cyber risks in cooperation with the Atlantic Council think tank, warned that “a build-up in these risks could create a failure on a similar scale to the 2008 financial crisis”.
Subprime mortgages were at the root of that crisis which began when the US housing market collapsed, dragging down major banks, and causing panic on world financial markets.
The Zurich Cyber Risk Report said IT risks could pose a threat of a similar scale.
“Few people truly understand their own computers or the Internet, or the cloud to which they connect, just a few truly understood the financial system as a whole or the parts to which they are most directly exposed,” said Zurich risk chief Axel Lehmann.
Outsourcing of server management for example or creating direct connections between organizations for things like corporate joint ventures makes it more difficult to get an overview of the risks involved, Zurich said.
The risk of disruption in the Internet infrastructure itself, malware attacks and major international conflicts can also create system-wide risk, it added.
“The Internet is the most complex system humanity has ever devised. Although it has been incredibly resilient for the past few decades, the risk is that the complexity which has made cyberspace relatively risk-free can, and likely will, backfire,” Lehmann said.
Related Reading: When Your Insurer Says “Um, No” to Cyber Protection
Related Reading: AIG Expands Coverage to Include Physical Damage Caused By Cyber Attacks