Cyber incidents result in a 9% decrease in shareholder value

Issue 6 2023 News & Events, Information Security

Aon published its 2023 Cyber Resilience Report, revealing that, on average, a significant cyber incident resulted in a 9% decrease in shareholder value – over and above the market – in the year following the event. The report serves as a guide to help business leaders benchmark their organisation's cyber risk maturity against peers and make better decisions when managing cyber across six risk areas: cyber, operational, supply chain, insider, reputational and systemic.

Aon's global report is based on proprietary client data collected from Aon's Cyber Quotient Evaluation (CyQu), Aon's Ransomware Supplemental Application and Aon's Operational Technology Application. CyQu is a global eSubmission and risk assessment platform that helps organisations better manage cyber risk by providing visibility into cyber exposures and insurability drivers.

"Companies have experienced new forms of volatility over the last four years, experiencing a rise in the frequency and severity of cyber threats and ransomware events, followed by a cyber insurance market with rising premiums and retentions with significant underwriting scrutiny," said Christian Hoffman, Global Cyber Leader for Aon. "We observe that the C-suite increasingly sees that cyber events have the potential to impact all areas of their business. Achieving cyber resilience is a recurring theme in board room discussions, and the threat is now being addressed from a holistic risk perspective."

Additional highlights from the global report include:

• Cyber risk: Five domains – endpoint and systems security, remote work, application security, access control and data security – demonstrated the most improvement on changes to CyQu risk profiles, providing greater insight into an organisation's most significant risks and control effectiveness.

• Operational risk: Ransomware events decreased 16% from Q3 2022 to Q4 2022, but data from the cyber and errors and omissions insurance marketplace show an uptick in Q1 2023.

• Insider risk: Two in five companies reported a lack of security operations centre controls, highlighting the need for improved cyber security measures to prevent phishing, the most common vector for initial network access.

• Systemic risk: Managing systemic risk is a high priority, stemming from the use of technology in an interconnected world. As cyber threats evolve, risk quantification models and scenario planning are being refined to accurately determine an organisation's risk profile and inform the extent of cyber insurance coverage required.

Aon also published key insights by industry, including:

• Finance and insurance: Insurance claims are rising, with a 38% increase in ransomware claims from Q4 2022 to Q1 2023.

• Healthcare: The overall cyber risk score for healthcare clients improved from 2,6 to 2,8, on a scale of 1 to 4. In 2022, for enterprise and global clients in healthcare, the overall risk profile improved from 'basic' to 'managed' with more than 80% of the companies reporting scores of 2,5 or higher.

• Manufacturing: Aon's CyQu data shows that the overall risk score improved from 2,2 to 2,5 – on a scale of 1 to 4 – in 2022 for mid-market clients in the manufacturing industry; however, 56% of the companies reported risk scores lower than 2,5 in 2022. The median percent of IT budget reportedly spent on security also rose globally, with companies reporting 8,5% of the IT budget dedicated to security.

"Achieving cyber and business resilience is a challenging endeavour for any organisation. Through Aon's broking and consulting capabilities, we help organisations navigate volatility and minimise financial, operational and reputational risk more appropriately," Hoffman added.

View the 2023 Cyber Resilience Report here.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
From the editor's desk: A burning issue
Technews Publishing News & Events
      Welcome to the first publication from SMART Security Solutions devoted to the fire industry. In the BMI report, sponsored by the Elvey Group, released earlier this year, fire was the smallest component ...

Read more...
From the editor's desk: Keeping them out, keeping you aware
News & Events
Alarm, intrusion, and perimeter protection have been part and parcel of South African society for years. Many years ago, a home alarm consisted of wires covering one’s windows, which caused an alarm ...

Read more...
SMARTpod talks to The Risk Management Forum
SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Videos Training & Education
SMART Security Solutions recently released its first SMARTpod podcast, discussing the upcoming Risk Management Forum Conference 2024, which will be held on 26 September 2024 at the Indaba Conference Centre in Fourways, Johannesburg.

Read more...
There is a SaaS for everything, but at what cost, especially to SMEs?
Editor's Choice Information Security Security Services & Risk Management
Relying on SaaS platforms presents significant cybersecurity risks as the number of providers in your landscape increases, expanding your attack surface. It is important to assess the strength of the SaaS providers in your chain.

Read more...
New State of Physical Access Control Report from HID
HID Global Editor's Choice Access Control & Identity Management News & Events
HID released the 2024 State of Physical Access Control Report, identifying five key trends shaping access control's future and painting a picture of an industry that has been undergoing considerable transformation.

Read more...
Addressing today’s mining challenges: cyber risks beyond IT
Editor's Choice Information Security Mining (Industry)
Despite the mining industry’s operational technology systems being vulnerable to cyberattacks, many decision-makers still see these threats as purely an IT issue, even though a breach could potentially disrupt mining operations.

Read more...
Workforce Consortium to reskill 95 million people
Editor's Choice News & Events AI & Data Analytics
ICT Workforce Consortium of global leaders has come together, committing to train and upskill 95 million people over the next 10 years, as 92% of jobs analysed are expected to undergo either high or moderate transformation due to advancements in AI.

Read more...
How to effectively share household devices
Smart Home Automation Information Security
Sharing electronic devices within a household is unavoidable. South African teens spend over eight hours per day online, making device sharing among family members commonplace. Fortunately, there are methods to guarantee safe usage for everyone.

Read more...
Tech Trailblazers seeks the most innovative and diverse investors in enterprise tech
News & Events
This year, the global enterprise tech startup awards, the Tech Trailblazers, is looking for the most innovative and diverse VCs as well as its usual hunt for groundbreaking tech start-ups.

Read more...