As the frequency of ransomware attacks increases, organizations must consider that it’s not just data that hackers are targeting. There is an increasing risk of business interruption (BI). This growing digital peril has presented new challenges to business continuity and security.
“The landscape has changed the cyber risk,” says Bianca McKenzie, head of claims preparation, advocacy and valuations U.K. at Aon. “With ransomware becoming commonplace, we’ve gone from it being oriented around liability to a focus on disruption. That is the cyber criminals’ new goal: to disrupt businesses rather than just to extract data.”
While organizations are used to considering business interruptions related to circumstances like property damage, the threats of cyber BI can have much wider ramifications. For a business with operations in multiple sites — even multiple countries — the BI impact of a ransomware attack can reach beyond a single property and disrupt operations worldwide.
We often speak to clients that have been newly appointed to the leadership of climate risk or sustainability functions. It’s not uncommon to find them at first struggling to prioritize actions for the surging ESG and climate risk factors they are facing. To be successful at converting the company’s ESG goals into action, managers should follow these steps:
“Before ransomware like that was unfathomable,” says McKenzie. “You couldn’t imagine that operations could be disrupted to an extent that it would financially impact clients at a global level.”