The head of the NZ arm of global insurance broker, Marsh&McLennan, has lashed out at the insurance industry for what he says is its tardiness in providing protections for cyber related risks.
Marsh Head of Country Marcus Pearson, was commenting on the results of a survey his company has undertaken for the Institute of Directors.
In his foreword to the Directors’ Risk Survey Report 2016, Pearson said: “It comes as no surprise there is frustration at the perceived slow progress of affordable, practical insurance protection for cyber related risks as insurance companies struggle to adapt to the pace of change.
“There are deep concerns about the potential for losses that hyper-connectivity brings as cyber threats move from defending against website defacements, denial of service attacks and data breaches to more serious attacks on cyber-physical systems controlling physical assets and critical infrastructure.”
The 46 directors that responded to the survey said they perceived cyber-attacks to be the biggest threat to New Zealand businesses in 2017. Seventy nine percent of those surveyed rated the impact on their organisation’s strategic growth, operational efficiency and legal/ contractual compliance as medium or high. Sixty five percent expected the risk environment to increase during 2017, in the public sector that perception was shared by 83 percent of directors surveyed.
The survey’s findings are in line with those in PriceWaterhouseCoopers’ 20th annual NZ CEO survey, released last week. It found 91 percent of CEOs worried about cyber security.
Thirty two percent of directors in the Institute’s survey said they did not have the framework in place to manage the risk of a cyber-attack. The institute said this figure had not changed since its own Director Sentiment Survey conducted late last year that showed barely a third of directors had the capability to deal with their organisation’s digital future.
“It’s little surprise that cyber-risks are now ranked as the number one concern to businesses in New Zealand,” the Institute said. “From July 2015 to June 2016, there was a 25 percent increase in the number of data loss incidents in New Zealand, and a worrying 47 percent increase in the value of those losses. Total losses (as a result of cyber-attacks) are estimated to be between $300 and $400 million annually in New Zealand.”
Interestingly cyber threats did not feature specifically in the sentiment survey. In response to the question: “What, in your view, are the biggest risks facing your organisation?” Labour quality and capability topped the rankings, cited by 46 percent of respondents. Technology disruption was in third place at 33 percent, after regulatory red tape at 34 percent.