Cyber security trends to know in 2020
In the past few years, we’ve seen companies ramp up their investments in cyber security. But, despite this, cyber risk has remained a major challenge globally. From data theft and online fraud to ransomware attacks and more, the nature of cyber risk is one that’s rapidly evolving and cyber insurance has to keep up. So, in today’s Pacific Prime Singapore article, we’ll tell you the major trends of cyber security in 2020.
Defining key terms
Before we delve into the trends, let’s start with definitions of key terms so that everything is crystal clear.
Cyber attack: A cyber attack is an attempt to disable computers, compromise sensitive information in the form of a data breach, or to use an unsecured computer system to launch further attacks. A person who does so is known as a cyber attacker or cyber criminal.
Cyber risk: The probability of loss to an organization due to cyber attacks is known as cyber risk. The loss can also be defined more broadly to include technical infrastructure or company reputation.
Cyber security: Due to organizations having sensitive data and relying on online spaces, they need to prevent cyber attacks from occurring. Cyber security is the state or process of safeguarding computer systems, networks, devices, and programs from cyber attacks.
Cyber insurance (also called cyber risk insurance): Intended to provide coverage in the event of losses as a result of cyber attacks, cyber insurance is designed for organizations. It may also provide coverage in the event of errors and omissions like data breaches.
Cybersecurity trends to know
The main trends are digital dependency on behalf of organizations, the technology used by attackers, as well as growing regulation in the industry. Understanding these cyber security trends will help organizations with their cyber risk management.
Digital dependency on behalf of organizations:
Organizations today are dependent on digital solutions. With the rise of cloud-based services and 5G cellular networks, there’s bound to be more networking and automation in both industries and households. In Southeast Asia, an estimated 70% of new economic value over the coming decade will be based on digitally-enabled platforms. The Singapore government is even trying to fund research in digital innovation to transform the economy through technology.
However, increased dependencies come with increased cyber risk. There will likely be more scope for cyber attacks on infrastructure, devices, and data. In order to protect themselves, organizations will thus need to up their game when it comes to cyber risk management. This is especially true considering that cyber attackers also have access to technology to conduct far more sophisticated attacks.
Technology used by attackers:
Cyber attacks are being conducted using targeted, networked, and collaborative methods, with a reliance on the latest technologies. For instance, artificial intelligence (AI) is a big theme as it’s being used to identify targets and weaknesses, as well as to cover the cyber attacker’s tracks. One way identities can be concealed is through the use of ‘deep fakes’, which is when existing voices are mimicked.
This AI-powered deep fake technology will be seen in phishing scams or cyber attacks that are used to steal user data like login details and credit card numbers, as well as for identity theft and blackmail. The use of these technologies in the cyber criminal world will increase the criminal’s efficiency, resulting in greater losses for the individual and organizations. Therefore it is imperative to raise awareness on this pertinent issue, as well as spur regulation to protect individuals and organizations from falling victim to these unscrupulous individuals.
Singaporean Prime Minister Lee Hsien Loong even expressed concern over this on a Facebook post and as reported by The Independent. He referred to a case where deep fake technology was used to try and scam the CEO of a UK-based energy company:
“Now, criminals are faking voices to trick their victims. In the first so-called ‘AI-heist’, criminals used voice-imitating AI to mimic a CEO’s voice, to trick his MD into transferring several hundred thousand dollars of company funds to them.”
Growing regulation in the industry:
More than 100 countries have adopted laws protecting consumers’ data. In the EU, the General Data Protection Regulation (GDPR) launched in May 2018 has put data security on the agenda in the continent and largely acted as inspiration for other countries. In Singapore, the Personal Data Protection Act (PDPA) launched in November 2012 takes on this role. But, in recent years, there have been calls to amend this law to include stiffer penalties for information leaks.
Not only does increased regulation serve to deter cyber attacks and data breachers, but it also helps bring the issue into the public eye and hold organizations accountable. It is not uncommon for organizations to be fined large amounts. One example is the record fine that British Airways faced due to a breach in its security system. The following provides a snapshot of what transpired in this case.
Case Study: British Airways and GDPR
According to the Information Commissioner’s Office (ICO), users of British Airway’s website were diverted to a fake website so the airline was fined. This is one of the first since GDPR was introduced, making it compulsory to report data security breaches to the ICO. In this case, details of 500,000 customers were collected by the cyber attackers, including logins, payment card numbers, travel booking details, as well as names, and address information. British Airways had cooperated with the investigation and made improvements to its cyber security arrangements.
The global cyber insurance market
In part due to increased regulation, organizations are turning to the cyber security and cyber insurance market to receive protection. Munich Re, a top provider of insurance-related risk solutions, forecasts that the global cyber insurance market will surge to more than USD $20 billion – this is four times as much as its value in 2018. When it comes to this year alone, the industry is valued at over USD $7 billion. While North America is the strongest market at the moment, there will be solid growth in Europe and Asia.
Industry wide, the demand for cyber insurance mainly comes from the healthcare sector, manufacturing industries, as well as IT, finance, and service companies. There are also more purchases of cyber insurance from small-to-medium sized enterprises (SMEs) as they realize the usefulness of cyber insurance solutions. On the supply side, there has also been continuous improvement in the solutions offered by cyber insurance companies.
These are the two dominant trends we have been seeing:
- Standardization of coverage in the commercial sector, with individual solutions for large industrial enterprises.
- Key coverage elements focusing on business interruption and data thefts.
Looking for corporate insurance solutions?
Pacific Prime Singapore can help you implement corporate insurance solutions. We have been working with companies of all sizes in hedging against business-related risks for over two decades now and are fully compliant with data privacy laws such as the GDPR. We have a global presence and work with 4,000+ corporate clients.
Our expertise lies in cyber insurance, business interruption insurance, public liability insurance, and more. To learn more, visit our corporate resources page for insurance and employee benefits matters. Alternatively, for a consultation, get in touch with a member of our corporate team. Contact us today!
- Budgeting: How to manage your expenses in Singapore - June 4, 2021
- Public Wi-Fi networks: What are the dangers for your business? - May 28, 2021
- Does smoking affect health insurance? - May 17, 2021