Aon Risk Solutions is working with the World Economic Forum to determine a new way for organisations to identify the impact of cyber threats. Aon recently participated on a panel at the World Economic Forum’s Partnering for Cyber Resilience Initiative in Davos. This has developed a new framework to understand and mitigate increasing emergence of cyber as a key risk factor facing today’s global businesses.
The framework, called “Cyber Value-at-Risk” comes at a time when cyber-attacks are increasing in velocity and intensity, and when 90% of companies worldwide recognize they are insufficiently prepared to protect themselves against them. The purpose of the Cyber Value-at-Risk approach is to help organizations make better decisions about investments in cybersecurity, develop comprehensive risk management strategies, and help stimulate the development of global risk transfer markets. The framework helps organizations address questions such as how vulnerable they are to cyber threats, how valuable the key assets at stake are, and who might be targeting them.
Stephen Cross, Chief Innovation Officer, Aon Risk Solutions, said: “One of the risks facing the insurance industry today is the potential for a cyber-hurricane, an event which could impact multiple lines of business, geographies and industry sectors. Accumulation of exposure is a major issue in the risk transfer markets and that is why Aon has worked with clients to incubate this risk within their captive insurance companies. As a leading risk management organization with a focus on all aspects of existing and emerging risk, we recognize that cyber is a significant and challenging risk for our entire client base, regardless of size or industry.”
Elena Kvochko, Manager, Information Technology Industry, Partnering for Cyber Resilience, World Economic Forum, who worked with Stephen Cross and Aon said: “Organizations are increasingly reliant on data-driven technology but have varying needs depending on factors such as the maturity of their security environment as well as different elements in their own industry. The Cyber Value-at-Risk concept is designed to establish a framework which identifies organizations’ defense maturity, asset value and attacker profiles. We were delighted to collaborate with Aon and 50 organizations who have contributed an in-depth understanding of the intricacies of cyber risk.”
The framework is highlighted in a new report, Partnering for Cyber Resilience: Towards the Quantification of Cyber Threats, which also included the input of 50 leading organisations from around the world and can be accessed at http://www3.weforum.org/docs/WEFUSA_QuantificationofCyberThreats_Report2015.pdf