Are we thinking correctly on cyber risk? Maybe the headline hacks, or big ticket ransoms are not the true risk profile? Here are some thoughts from Intangic;
Technology company Intangic has published research calling for a new approach to managing nation-state cyber attacks – away from a focus on the catastrophic ‘Cyber Armageddon’ and toward the higher frequency events happening every day. Intangic’s technology and proprietary model are at the core of Intangic MGA, a data-science driven, London-based cyber Managing General Agent (MGA).
The company said that outside of the individuals and entities on the frontline of cyber warfare today, the general perception of state-sponsored cyber adversaries’ tactics and activities is different from the reality. Specifically, the fear of a rare, catastrophic ‘Cyber Armageddon’ event that could happen runs contrary to the constant stealth attacks that are happening and puts corporations at risk of misallocating resources to effectively manage this dynamic threat.
The paper – Reframing the Risk Calculus for Insurance of Nation-State Cyber Attacks – was written by Intangic Founder and Chief Executive Officer, Ryan Dodd, Vice-President of Marketing, Chris Nolan, and Founder and CEO of Souhegan Group Risk Solutions, Chris Nissen.
“Understanding the frequency and severity of attacks and the tactics employed by nation-state adversaries can better protect against the more probable events that could cause economic damage to companies,” said Mr. Dodd in the executive summary. If risk management programs put too much emphasis on planning for a rare Cyber Armageddon, we could end up creating a blind spot in containing losses from a much higher likelihood event risk: a less severe nation-state attack unintentionally causing a chain reaction of ‘cascading’ damages.”