The Three Dimensions of Cyber Risk
Digital, data and cyberArticleNovember 18, 2019
How can today's risk management professionals turn threats into opportunities? Take our three-dimensional approach to managing cyber resilience
The rise of the digital economy has redefined the role of risk as a key driver of business growth and opportunity. According to IDC, over 60% of global GDP will be digitized by 2022, while the World Economic Forum calculates that global spending on security solutions will reach $120.7 billion by 2021.
These world-changing technologies have created more interconnected, interdependent and rapid business networks. They offer scales of efficiency, cost and reach that will increase business competitiveness. However, each one increases the level of cyber risk that organizations face, in terms access to data and systems through the supply chain and the customer journey.
As a result, the profile of risk has been transformed. By viewing new products and services through a three-dimensional lens of cost, security and speed, business leaders can assess the impact across the whole business. Getting the correct balance between these three elements can build cyber resilience that also enables businesses to create opportunities.
“The nature of the [cybersecurity] role has rapidly changed, from a technology-oriented position to a business leadership responsibility,” explains Troels Oerting, Chairman of the Advisory Board Centre for Cybersecurity at the World Economic Forum. “And the evolution is far from over.”
The 3D View of Cyber Risk
1. Cost
“There’s a financial cost, but there’s also an opportunity cost. That is what an organization has to weigh. For example, if the security element becomes more important, the opportunity cost may be lost revenue. Those are some of the trade-offs that have to be made.”Lori Bailey, Global Head of Cyber Risk, Zurich Insurance Group
2. Security
“Security is about resilience, because at some point something will happen. Cyber resilience will not come solely through technology. It’s about understanding the process and training your people.”Lori Bailey, Global Head of Cyber Risk, Zurich Insurance Group
3. Speed
“When we talk about speed, it’s about making sure customers and employees have access to the information they need. Speed relates to how efficient an organization can be, whether it’s internally, or externally to customers.”Paige Adams, Global Chief Information Security Officer, Zurich Insurance Group.