Even cyber security experts get caught out. A recent cyber-attack on multinational technology provider DXC Technology, which among other services provides incident response for clients, has shown that even experts are vulnerable to attack. This demonstrates the systemic risk of an industry being reliant on one major supplier.
Lessons from the Xchanging cyber-attack
DXC’s managed services subsidiary, Xchanging, experienced a significant ransomware attack which lasted almost four weeks. The firm worked hard to restore access to its operating environment and kept insurers and brokers up to date with progress, but good comms alone doesn’t keep clients happy. The significant delays in processing claims and premiums will live long in the memories of all involved in the related insurance transactions. A poorly handled cyber event can be an easy way of destroying trust that a firm has spent years building. Transparency is key.
Not all firms adopt a transparent approach. After all, finding out a business is subject to possible regulatory or governmental investigation can be disconcerting. Plus, it’s expensive to manage a cyber event publicly and in challenging times a firm may have other spending priorities.
This means that cover-ups happen, but the cost of a cover-up is likely to be higher than the cost of managing an attack well. For example, Uber tried to cover up a breach and was fined USD148m. While the urge to ignore, deny or even remove potentially incriminating evidence is understandable, it must be resisted.
Supply chain risk
It is often said that the weakest link in a business’s cyber security is its supply chain, as a firm’s vulnerability increases with its dependence on a critical supplier. This point is illustrated by the DXC cyber event, which has raised questions about the reliability of one supplier responsible for settling USD100bn of premiums and claims for the insurance industry.
Scrutinise risk registers
Cyber risk isn’t just down to a company’s anti-virus or firewall malfunctioning. It comes down to the core operational controls required to monitor and maintain good working practices. A firm should explore every risk, including business interruption, reputational harm and supply chain failure. After all, a solar flare damaging satellites, communication systems and power supplies has the same probability and impact as a global health pandemic.
It’s essential that firms keep an up-to-date and comprehensive risk register, accompanied by insurance mapping that defines which risks are insured against and which are not. DXC will more than likely be considering its own business interruption for both lost revenues and the cost of handling the ransomware attack, along with its liabilities to the insurance industry for causing major disruption.
About Elmore Insurance Brokers
Elmore Insurance Brokers Limited advises its clients to actively manage risk to optimise insurance. Insurance is a partnership between businesses and insurers. This partnership can be significantly enhanced by focused engagement to understand and implement risk management best practice.
Written by Simon Gilbert, Founder & Managing Director, Elmore Insurance Brokers Limited.