Sam Coleman

The USD53 billion dollar threat

In Blog post by Sam Coleman

WannaCry’s estimate of USD8 billion was a tiny fraction of what Lloyd’s of London sees as the next cost of cyber catastrophe… one that rivals hurricane Katrina in financial damages

We’re used to screaming headlines of doom as we march to an increasing digitally connected world. Passwords hacked and identities stolen, ransomware, IoT DDoS, election hacking and critical infrastructure hacks fill the media on an almost deadly basis. But sometimes it takes hitting the global pocketbook to get a sense of the magnitude of cyber complacency.

For that, there are few better bellwethers than the most iconic name in risk insurance, Lloyds of London. And their latest report, issued July 17, paints a catastrophe that—cost wise—rivals hurricane Katrina. They note that the most reasonable scenario would involve the infection of a cloud service provider that spreads malicious code over a long period of time, a year or more, and then springs to life by crashing systems simultaneously and across the globe. A second scenario involves infecting a cloud based operating system. Either way, the magnitude of destruction is formidable.

Though Lloyds estimates an average of USD53 billion, calculating cyber losses is a range proposition: the high could be as massive $121bn or as low as $15bn. Inga Beale, chief executive of Lloyd’s, said: “This report gives a real sense of the scale of damage a cyber-attack could cause the global economy. Just like some of the worst natural catastrophes, cyber events can cause a severe impact on businesses and economies, trigger multiple claims and dramatically increase insurers’ claims costs.

“Underwriters need to consider cyber cover in this way and ensure that premium calculations keep pace with the cyber-threat reality,” she told the Guardian recently.

The cloud scenario is one that leaves the most exposure for the cyber uninsured. In that situation, businesses are lured into a false sense of security as the cloud as seen as self securing. Lloyds estimates that USD45 billion would be the uninsured losses that would be borne by businesses and organisations, potentially crippling many of those firms with exposed costs.