April 30th, 2014
Annualized Cyber Crime costs in the U.S. are up 26% in 2013 increasing to $11.6 Million per year per organization from $8.9 Million in 2012. While Malicious Code and Denial of Service attacks are leading the charge when it comes to the TYPE of attack; viruses, worms, trojans, phishing, stolen devices, malware and botnets have a bigger impact on small to mid-size organizations. The Financial Services sector was third behind Defense (1) and Energy & Utilities (2) as respects average annualized cost per industry. The preceding 4-year average was $16.8 million but in 2013 average annualized cost for the Financial Services sector was up to $23.6 million.1
On April 15th, The SEC issued a Risk Alert, citing that their Office of Compliance Inspections and Examinations (OCIE) examination priorities for 2014 will include a focus on technology, including cybersecurity preparedness. Moreover, on March 26, 2014, the SEC sponsored a Cybersecurity Roundtable whereby Chairman Mary Jo White underscored the importance of this area to the integrity of our market system and customer data protection.
The SEC has issued guidance on what the OCIE may ask for as part of its new focus on Cyber Prepardeness:
A bulk of the SEC's guidance is coming from a February 2014 Study from the National Institute of Standards and Technology entitled "Framework for Improving Critical Infrastructure Cybersecurity"
The study identifies five Framework Core Functions which are to be performed in order to create an operational culture that addresses cyber risk:
While the above referenced functions are critical to addressing operational cybersecurity risk, the company should also seek the proper insurance protection in order to mitigate any potential damages and impact arising out of a cyber breach. To learn more about what is covered under a Cybersecurity Insurance Policy, download our recent coverage overview.
[button link="http://ironcoveins.com/wp-content/uploads/2014/04/Cyber-Presentation-Hedge-Funds-4.30.14.pdf" target="_blank" title="Download" size="normal" color="blue"]
Footnotes
1. 2013 Ponemon Cost of Cyber Crime Study: United States