2024-08-06 –, Siena
The year 2023 was a record breaking year for cyber events. The continued threat of ransomware and increased data compromises for 2023 compared to records set in 2021 were in part due to zero-day attacks. Global widespread events such as Zero-day and cloud are becoming more prevalent. The cyber claims and risk environment are evolving, but the key themes remain. The headline costs are often just partial losses, many top companies have leveraged cyber risk models to quantify their potential risk. This session will show attendees what some of the costs are and how the risk environment is changing.
This session will give an update of and take an in-depth look at cyber events’ trend by time, industry, type and an evolving risk environment.
• Drastic increase in privacy events in 2023
o Emerging privacy regulations and claims
o Commonly alleged privacy violations
• Ransomware losses lessen, but severity and sophistication continues
• Update on some cost/severity components of cyber events such as
o Response costs
o Legal fees
o Ransom demand vs payment
o Regulatory environment
o Business interruption expenses
• Additional risk areas to consider:
o Supply chain
o Biometrics
o Pixel tracking
o Operational Technology (OT)
o Geopolitical risk
o Use of AI, personalization
• Recommended top cybersecurity controls
• Cyber events that cause business impact statistics
We’ll show the up-to-date trends and statistics of thousands of actual cyber events and claims from recent years. Ransomware statistics will be from our proprietary database of over 30,000 events since 2019, which includes data from insurance claims, licensed, and public sources.
Marsh McLennan collects cybersecurity incidents and claims data from thousands of organizations in its client portfolio. There are different organization-dependent factors that contribute to the severity of cyber events. These include record counts and types in possession, industry, revenue, and cyber security controls.
Wendy is from Marsh McLennan Cyber Risk Intelligence Center. She specializes in data, data analytics, risk quantification models for all aspects of cyber. She designed and created the various cyber risk models for MMC as well as consulting on cyber risk quantification for clients from various industries since 2017.
Wendy has over 30 years’ experience in the information technology industry, analytics, both in enterprise software, hardware and security. Like many others in the space, she began working in the area of cyber security more than 10 years ago to understand the financial impact of cyber breaches on businesses. Her skills in analytics and data science, combined with her understanding finance, technology and the nature of cyber breaches uniquely afford her the ability to quantify cyber risks.