CYBERSPACE SECURITY

Why we should pay attention to cyber attacks

 

javier.mercado@aig.com

These days, we are hearing more and more about cyber attacks. Chances are some company, somewhere this week will announce to its clients and customers that its system has been breached and its data compromised. The motive behind the attacks could be fraud, economic espionage or just plain destruction of information.

Whatever the motive, cyber attacks are making headlines, but are companies paying attention?

The prevailing thought among management has been that cyber attacks are problems faced by banks, governments, retailers and a few unlucky others — that the odds are small that other industries are being attacked. Many managers assume that only companies collecting credit card data are vulnerable. However, we now know, no company or industry is safe. In fact, there are indications that the prevailing perception is changing.

A survey done in late 2012 about cyber risks sponsored by American International Group (AIG) confirms that business leaders view cyber risk as a top business concern, with great potential for reputational and financial loss. More than 85 percent of the 258 decision-makers surveyed said they were very or somewhat concerned about cyber risks, compared with the group’s response to six other areas of risk, including income loss (82 percent of executives were very or somewhat concerned), property damage (80 percent), and securities and investment risk (76 percent).

The causes of cyber breach are many, whether from human error when employees mismanage sensitive data or from hackers looking to disrupt the operations of less protected companies. The worldwide web has made cyber risks a multinational issue. Many criminals now operate anonymously thousands of miles away from their targets using sophisticated hacking techniques.

When companies think of sensitive data, they may primarily think about transactional information involving clients (e.g., credit card information) or medical information (e.g., hospital medical records). However, even if the company conducts few transactions via the internet, hackers are still interested in the information they hold. For example employee data, such as names, addresses and personal ID numbers is highly desirable. Hackers also look for competitive intelligence, such as a company’s intentions to make an acquisition, new product designs and patent files.

Breaching a network to steal sensitive information has become its own business with the stolen information being bought and sold every day. Cyber thieves have even been known to have customer service capabilities and money back guarantees on stolen information.

While the cyber landscape is rapidly evolving, companies need to stay ahead of the curve. Companies should begin by assessing risks, needs and budgets and developing an enterprise-wide management and response plan that is aligned with the business strategy. Engaging employees to educate them about their role in mitigating cyber exposure is critical. In addition, companies should build secure and robust information technology (IT) systems. This is considered to be the most powerful first line of defense against cyber threats.

Companies should include cyber liability as part of a company’s comprehensive data protection strategy. A cyber insurance package helps a company manage through a breach by paying the costs of notifications, public relations and other services to assist in mitigating a cyber incident. A global economy means multinational companies must comply with local regulations even when their headquarters are based far away. Companies can address the appropriate regulatory, legal, investor and auditor concerns when cyber risk management starts from the top down – with the board of directors bringing together a multi-disciplinary team to establish and track against a best practices approach.

Companies must remain vigilant against cyber attacks. Companies that are able to plan ahead, determine how they will respond in advance will be best positioned to prevent or protect the business from a cyber attack. Eliminating threats is impossible, so managing them and protecting reputation without disrupting business innovation and growth should be top management issues.

It starts with paying attention to the fast changing landscape of cyber attacks.

Javier A. Mercado is regional vice president for financial lines, American International Group, Inc. (AIG) Property Casualty, Latin American and the Caribbean.

Read more Other Views stories from the Miami Herald

  • In My Opinion

    Let’s hear it for the Washington Slurs

    Twenty-four dollars.

  •  
 <span class="cutline_leadin">Campaign:</span> Gov. Rick Scott held a meeting with senior citizens in Miami last week to hear their concerns about changes in Medicare Advantage.

    SCOTT CAMPAIGN

    Scott campaign ads serve up baloney

    The next governor of Florida could be determined by the success or failure of the Affordable Care Act. Or the perception of its success or failure as shaped by the campaigns of Rick Scott and Charlie Crist.

  •  
WENSKI

    IMMIGRATION

    Putting the immigration debate in human terms

    Former Gov. Jeb Bush has elicited the outrage of the anti-immigrant crowd with his recent comment that crossing illegally into the United States to find work to support one’s family is an “act of love.” And, he is right. As the bishops of the Second Vatican Council taught 50 years ago: “Man, who is the only creature on Earth which God willed for himself, cannot fully find himself except through a sincere gift of self.”

Miami Herald

Join the
Discussion

The Miami Herald is pleased to provide this opportunity to share information, experiences and observations about what's in the news. Some of the comments may be reprinted elsewhere on the site or in the newspaper. We encourage lively, open debate on the issues of the day, and ask that you refrain from profanity, hate speech, personal comments and remarks that are off point. Thank you for taking the time to offer your thoughts.

The Miami Herald uses Facebook's commenting system. You need to log in with a Facebook account in order to comment. If you have questions about commenting with your Facebook account, click here.

Have a news tip? You can send it anonymously. Click here to send us your tip - or - consider joining the Public Insight Network and become a source for The Miami Herald and el Nuevo Herald.

Hide Comments

This affects comments on all stories.

Cancel OK

  • Marketplace

Today's Circulars

  • Quick Job Search

Enter Keyword(s) Enter City Select a State Select a Category