Skip to main content
close search
site logo
Wayne Spivak's headshot
Wayne Spivak President & CFO

Cyber crime on rise, in both media and reality

Asked on Feb. 23, 2015

Every day, in the news and the broad range of industries news (just fill in your industry), Cyber crime is mentioned. As CFO's have you done anything at your companies to better protect them? Or even enquired of your vendors, trading partners, banks, etc. as to what they have done to not only protect themselves, but your firm?

Answers

Regis Quirin's headshot
Regis Quirin Director of Finance • February 23, 2015

According to Forrester Research, the average cost of a security breach can be as much as $305 per record compromised. Consider that number against the recent JP Morgan Chase Breach of 75 Million Records = $22,875,000,000 OR the recent Anthem breach of 80 million records = $24,400,000,000.

This Risk is evolving. Our CIO has the issue front and center. My role has been to renew our Cyber Insurance (happening now) and consider increasing the coverage level. My recommendation to all is to stay current on all announcements of breeches that are made public, i.e. what hackers are doing and how the government is responding.

There are a few companies out there now that are performing risk assessment and remediation. I am working with one right now – www.spartan3.com.

comment-icon 1
Wayne Spivak's headshot
Wayne Spivak President & CFO • February 23, 2015

There are some articles I've seen (not read) that question whether cyber insurance will be offered in the future.

Sort of like the long term healthcare policies that are slowly disappearing.

Ernie Humphrey CTP's headshot
Ernie Humphrey CTP VP, Thought Leadership • February 23, 2015

It is also about having a plan for once a breach happens to mitigate the impact of the breach. A response plan needs to be in place. One poorly managed data breach can bring any company to its knees. I moderated a webinar, Identify and Avoid the Top 5 Data Breach Costs (https://www.proformative.com/events/identify-avoid-top-5-data-breach-costs), that addresses how to develop a response plan to common types of data breaches..

Regis Quirin's headshot
Regis Quirin Director of Finance • February 23, 2015

I personally believe Cyber Insurance will always be offered. Yet I have not seen any articles to the contrary. However, I see insurance companies requiring a third-party risk assessment, prior to offering the coverage. Not much different from an insurance company requiring a health assessment, prior to extending Life Insurance.

EMERSON GALFO's headshot
EMERSON GALFO CFO • February 23, 2015

Insurance will take care of the financial aspect of the damage. The reputational risk however is hard to quantify and longer lasting. Mitigation will also require significant capital and personnel investments.

The best thing a CFO can do is GET THE BOARD INVOLVED, INFORMED AND ENGAGED regarding cyber risks and plans. It involves strategy afterall.

Want to join the conversation? Submit an answer or ask a question by emailing us at [email protected]

Submit an answer
Filed Under: Technology
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell