What is the likelihood that your organization will experience a material cyber event in the next 12 months? Is the risk greater than 50 percent? Less than 25 percent? These questions are ever-present on the minds of risk managers, who long for at least a practical – if not precise – answer.
Cyber risks are among the most serious perils facing the financial industry. Cybercrime is not only increasing in frequency, but also in magnitude, costing the world an estimated USD 600 billion, or 0.8 percent of global GDP, according to a recent report published by McAfee and the Center for Strategic and International Studies. But while financial institutions have become practiced at estimating most operational risks and using this data to develop risk capital strategies, they often perceive roadblocks to extending these methods to cyber.
This Marsh-authored article appears in the latest edition of the MMC Cyber Risk Handbook, (page 69) which contains Marsh & McLennan Companies’ perspectives on major developments, specific industry implications, and strategies to increase resilience.