8CIOReview | | AUGUST 2023IN MY OPINIONCYBER RISKS, AN IMPACTFUL REALITY ­ HOW TO DEAL WITH IT?By Jaqueline Monteiro, Insurance and Risk Manager, SAE TowersWe live in a connected world, which brings many advantages for business. However, it also exposes companies to cyber invasions that can negatively impact corporate image and finances.The agenda on cybersecurity is in the center of debates around the world, as cybercrime is currently one of the major global threats. In addition to exposures to private data and information, a cyber-attack can have a major financial impact. According to Cyber Security Ventures, in recent years, financial losses from hacker attacks have exceeded USD 6 trillion worldwide, surpassing losses from natural disasters on the same period (that was approximately USD 600 billion). In 2022, cyber-attacks increased around 38%. The shocking numbers represent the largest transfer of economic wealth in history, directly impacting corporate finances. The most common incidences are fraudulent phishing schemes, that is, data leakage caused by viruses entering the system via email or links with malicious content and ransomware, which is data kidnapping. The targets were mainly educational institutions and companies in the health sector followed by banks.Data related to a process, especially revolving around a company's product, is more important than its market value. Systemic data is the main value of the organization as it is the central core of information that comprises the formulas and components of the final product, making information security the focal point for the survival in the corporate world.The financial impacts caused by a cyber-attack can be irreparable. Although the use of technology is a stimulus to increase productivity and efficiency in companies, most of the time when new technologies are implemented, there are no mechanisms for evaluating the increased exposure that these new technologies may cause. Organizations still do not see these potential new risks. Today the level of uncertainty regarding cyber-attacks is almost non-existent; fatally at some point the company will be the victim of an attack.Faced with this scenario of potential risks, the necessity to adopt protective measures - both for data manipulated by human interface and for data interconnected between suppliers - customers and companies is paramount, it is necessary to evaluate its entire database.Realizing the impactful reality, both public and private entities are in constant motion to create defense solutions to protect the data of companies and people. In May 2018, the General Data Protection Regulation (GDPR) law came into force to protect the European Union and its citizens from the violation of data privacy, bringing rules to the structural environment of information security, which inspired other countries around the world, such as Brazil, where the law 13.709/18 (General Data Protection Law) LGDP was created in 2018 and enforced in 2020 with the same purpose.But if the risks of attacks are in evidence, what needs to be done to minimize them, mitigate them in order to protect the company's assets?The answer is to deploy Effective Cyber Risk Management, integrating all points in the system to generate a picture of risks and security vulnerabilities in order to protect Jaqueline Monteiro
< Page 7 | Page 9 >