16 September 2013
Press Release
Risk managers must be stakeholders in cyber risk
management
Today, cyber risks are high on...
Cyber-security, she says, “should be integrated into
the enterprise risk management (ERM) system, and
boards should play a...
consultants with valuable intellectual property, and
critical infrastructure. Buyers should also check what
cover they hav...
(SWERMA), Switzerland (SIRM), Turkey (ERMA) and
United Kingdom (Airmic).
Upcoming SlideShare
Loading in...5
×

FERMA Press Release "Cyber Risks at the Forum"

83

Published on

FERMA Press Release "Cyber Risks at the forum"

Published in: Economy & Finance, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
83
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "FERMA Press Release "Cyber Risks at the Forum""

  1. 1. 16 September 2013 Press Release Risk managers must be stakeholders in cyber risk management Today, cyber risks are high on the list of the most significant risks that organisations say they face, but FERMA board member Julia Graham believes that many risk managers are not yet playing a full part in their management. “There is a tendency in my experience for risk managers to step away from this subject, ceding it to the domain of the chief information officer or his or her equivalent. Yet, this is not only an IT risk. It is an enterprise risk, and risk managers must step up and be stakeholders in its management,” she says. The issues of risk management, risk financing and who should be involved in the management of cyber risks will be the subject of a workshop at the FERMA Forum, which starts on 29 September in Maastricht. Julia has a particular interest in cyber risks and urges risk managers to take part. (See below for a link to full details). She says, “You don't need to be a technology geek to have enough understanding to manage the risk, and there are readily available sources of information and guides that provide the risk manager with easy to digest advice that’s also fit for the board.”
  2. 2. Cyber-security, she says, “should be integrated into the enterprise risk management (ERM) system, and boards should play a critical oversight role. They should ask more detailed questions about cybersecurity threats and responses than they have in the past.” Nor does risk management end once the risk management approach has been agreed. “Cyber threats are exceeding the pace of enhancements in information security. The management of cyber risks should be a continuous process and part of the way an organisation manages all risks", says Julia. Cyber insurance The European Commission is exploring the cybersecurity insurance market, a process which FERMA is contributing to. Julia comments that the scope and limits of cover and entrants to the market for cyber insurance have improved considerably over the past 24 months. She welcomes a trend toward bundling the insurance cover with appropriate value-added solutions, including support for breach detection and response. At the same time, she argues that before insurance is considered, the risk should be assessed, controls understood and, where appropriate, improved. There should then be a gap analysis against existing insurance programmes - some cyber risks will already be covered - and the residual risk evaluated. Only then, is it worth considering whether what risk remains should be insured. Julia points out that the cyber insurance is still in development and coverage needs to be matched to the exposure which varies considerably with the type of business. “The same policy will not suit companies with financial data from consumers, design-led businesses, law firms and other
  3. 3. consultants with valuable intellectual property, and critical infrastructure. Buyers should also check what cover they have under existing programmes,” she concludes. For full details of the FERMA Forum, see http://www.ferma.eu/ferma-forum-2013/ FERMA welcomes journalists to the Forum. To receive a free press pass: use the new users’ registration box in the following link to register for the FERMA Forum – https://bcom.mcigroup.com/Registration/FERMA2013/COMPLIMENTARY.as px Insert the PrFF2013 discount code in the relevant field. For more information, contact Lee Coppack FERMA media coordinator or +44 (0)20 8318 0330/+44 (0)7843 089904 Or Florence Bindelle (assistant Christel Jaumoulle) FERMA executive manager florence.bindelle@ferma.eu or +32 (2) 761 94 31 About FERMA The Federation of European Risk Management Associations (FERMA) brings together 22 national risk management associations in 20 European countries. FERMA has 4,200 individual members representing a wide range of business sectors from major industrial and commercial companies to financial institutions and local government bodies. These members play a crucial role for their organisations with respect to the management and treatment of complex risks and insurance issues. Member associations are from the following countries: Belgium (BELRIM), Czech Republic (ASPAR CZ), Denmark (DARIM), Finland (FinnRiMa), France (AMRAE), Germany (DVS/BfV), Italy (ANRA), Luxembourg (ALRiM), Malta (MARM), Netherlands (NARIM), Norway (NORIMA), Poland (POLRISK), Portugal (APOGERIS), Russia (RusRisk), Slovenia (Sl.RISK), Spain (AGERS and IGREA), Sweden
  4. 4. (SWERMA), Switzerland (SIRM), Turkey (ERMA) and United Kingdom (Airmic).

×