Subscribe to Our Blog
This past March, a ransomware attack caused government operations in Atlanta to come to a complete standstill. It left courts unable to process warrants, residents unable to pay bills online, and travelers unable to use airport Wi-Fi. Attacks like these have become the rule rather than the exception for businesses, with former FBI director Robert Mueller saying it best: “…there are only two types of companies: those that have been hacked and those that will be hacked.” Everyone is a target, so the seeming inevitability of becoming a hacking victim has now made risk management strategies more important than ever.
The Enterprise Risk Management (ERM) Symposium, presented by the Casualty Actuarial Society (CAS), Canadian Institute of Actuaries (CIA) and Society of Actuaries (SOA), was held April 6-8 in Arlington, Virginia. I attended two sessions on cyber risk and the speakers expressed some common themes. One stated that there were two kinds of companies: those that have had a data breach and those that are not aware they have had a data breach. More than 1,868 breaches were reported in the United States in 2014.
« Show All Blog Posts