Martin Flanagan: Cyber-security buck stops with non-executives
This article contains affiliate links. We may earn a small commission on items purchased through this article, but that does not affect our editorial judgement.
The warning to the insurance industry by the Prudential Regulation Authority (PRA) on the need for insurers to assess and anticipate the cyber-risk to which they are exposed through the policies they write for their clients is therefore timely.
Business advisory giant PwC says much work is still needed by insurers in order to measure and mitigate this risk. In a recent survey PwC found that less than 15 per cent of the insurers and reinsurers it cast the slide rule over said they had the data readily available to assess their exposure to rogue cyber attacks.
Advertisement
Hide AdAdvertisement
Hide Ad• READ MORE: Call for action as 1 in 5 firms hit by cyber attacks
This could be considered casual, particularly when more than two-thirds of the same respondents believe that the losses from a cyber “event” could trigger financial losses for insurers akin to those from extreme natural catastrophes such as Hurricane Katrina.
However, the bit of the PRA report that really caught my attention was its stricture that non-executive directors in particular should be held accountable for any failures to properly challenge management as they deal with cyber-security issues.
This is overdue. Non-executive directors – dismissed sardonically once by business magnate Tiny Rowland as “Christmas tree decorations” – have always seemed to get a lighter ride in the wake of corporate financial disasters than the executives.
For the regulator to say explicitly that, on one of the major risks du jour, independent directors should demonstrate that independence through robust cross-questioning in the boardroom is heartening.
Cyber risk is a major danger in our hyper-connected world. It is far too important, not just for corporates but for Britain’s vital infrastructure, to be facilitated by top-level groupthink.
What can we expect in 11 months?