By Mark Camillo, Head of Cyber and Professional Indemnity, EMEA, and Martin Overton, Cyber Risk Technical Specialist at AIG Companies recognize that supply chain risk is a growing problem, and today, cyber risks and supply chain risks are increasingly linked. For multinationals, cyber risks in the supply chain may be even more significant, as many multinationals rely on third parties to provide services. If any of these third parties suffers a cyberattack, the disruption may result in financial repercussions, or even a loss of customers, for the multinational. |
© 2017 American International Group, Inc. Alle Rechte vorbehalten. |
Cyber Risks and the Supply Chain |
If a third-party supplier provides technology to the company or is connected to the company’s systems, then the company faces an additional risk: cyberattacks can strike the company via that supplier. In fact, there are many examples of companies’ supply chains being hacked via a third-party supplier or a business partner. As a result, companies need to take a closer look at who they are connecting to on the data side. Read on to see which cyber threats could disrupt company’s supply chain and discover best practices to help them combat these risks. These 3 Cyber Risks Could Disrupt Companies Supply Chain
To combat these threats, companies should follow this action plan:
Working with a ratings firm, such as AIG’s partner BitSight, can help companies identify potentially weak partners within the infrastructure. BitSights uses publically available data to rate not only the client company, but also all of the company’s business partners and entities that use its technology. When Human Error is the Problem Ultimately, many cyber incidents arise from human error rather than from technological weak points. Human error is a major area where companies should focus their mitigation and prevention efforts.
Cyber Insurance is Changing to Help Safeguard the Supply Chain Today cyber insurance is becoming part of companies’ engagements with suppliers and vendors. At AIG, we’ve observed an increase in submissions and applications for cyber insurance due to new contract requirements. In the past, vendors and suppliers typically needed to have general liability or professional indemnity insurance. Now cyber is likely to be the next form of insurance required. Currently, when people think of cyber risks, they think about financial losses, fines, and penalties, but looking ahead, cyber risks are likely to cause other losses as well, including property claims or bodily injury. As technology evolves and systems become increasingly interconnected, companies and insurers are planning to help reduce these emerging risks. For more information, please do not hesitate to get in touch with your local contact person. |