Managing digital risks

Recent years have witnessed a rapid technology revolution. Universal adoption of the Internet and increased processing power has enabled businesses to massively increase productivity and complete seamless transactions entirely on-line.

This unprecedented level of opportunity, however, has brought with it unparalleled risk.

Digital risks, such as computer viruses, hack attacks and electronic fraud cost global businesses billions of pounds every year. Despite these losses company directors do not understand how these risks should be managed.

With digital risks exposing companies on a global scale to attacks from countless sources and in numerous forms it is little wonder that insurers have begun excluding them from standard policies.

Traditional theft policies have been complicated by the fact that a company's information assets are often far more valuable than the physical assets on which they are stored. Many companies remain blissfully unaware that hackers have sneaked into their systems and stolen trade secrets, sensitive financial information, or maybe planted a backdoor for later access.

Far from the forcible and violent entry or exit associated with traditional theft, data theft typically happens secretly and silently with no visible sign that a crime has been committed. What's more data thieves are not restricted by geography; a company connecting to the Internet is putting itself at risk on a global scale.

Traditional commercial property policies were never designed to cope with this sort of peril.

By connecting to the World Wide Web companies are exposing themselves to new liabilities. Now they run the risk of liabilities associated with the exposure of customers' sensitive data.

Media liability, once the sole concern of publishers, now threatens every business with a website or e-mail facility. Unlike traditional publishing, however, a company's "journalists" can be its customers, its staff, or even a computer hacker.

Without proper controls on communication systems companies could face legal liability for libel resulting from statements made in e-mails or on websites.

Standard liability insurance does not recognise these new risks.

For companies relying on technology the loss of network connectivity for only a few hours could result in fatal losses. Standard business interruption cover will not provide the indemnity they require.

As the associated losses grow, traditional insurers are being forced to exclude these risks from their standard policies. This has presented an exciting opportunity to those brave enough to accept it. A new market has opened for specialist providers of cyber-insurance, designed to cover the exclusions found in traditional policies.

Companies like Digital Risk Solutions are working with cyber-insurers to develop this market, helping companies to manage these new risks.

The potential reward for those who succeed is vast.

Graeme Newman is director of Digital Risk Solutions Ltd. He can be contacted at: gnewman@digitalrs.co.uk