From emerging risk to core business: cyber attacks

"Cyber attacks" is one of the emerging risks that have become relevant for our core business since we first highlighted it.

We first drew attention to "cyber attacks" as an emerging risk by including a case study in our 2011 Corporate Responsibility Report. At the time we focused on risks potentially created for Supervisory Control and Data Acquisition (SCADA) systems.

Our original assessment

Below is an excerpt from the original description (the full case study is available under "Download"):

"Today, most large industrial plants and critical infrastructure facilities, such as power generation & distribution or oil/gas production & distribution, are increasingly controlled by webs of computers, commonly known as Supervisory Control and Data Acquisition (SCADA) systems. … Because their critical information software is increasingly connected to global data and communications networks, these SCADA systems could be vulnerable to cyber attacks. … Cyber attacks on SCADA systems may lead to failure of the impacted facility, energy blackouts, fire, explosion, injuries or even fatalities and contamination of the environment. In all these cases, the insurance industry would be directly affected. ... The objective must be to translate these threats into manageable risks."

"Cyber attacks" has since become a topic of general importance for our risk management, stakeholder dialogue and compliance procedures. Internally, we have responded to the increasing threat of cyber risks by further strengthening our data protection provisions.

Recent activities and initiatives

Contact

Related content