On 23 November, Otto Kocsis, Principal, Business Resilience, Zurich Commercial Insurance, and Magda Chelly, Head of Cyber Risk Consulting, Marsh Asia, hosted a special webcast on protecting your supply chain, with a focus on cyber risks.
Supply Chains underpin many business functions; hence, disruptions to them will have widespread implications.
Supply-chain related claims have a proven track record to:
- Be huge: Z-Largest: US$500 million, Z-Average: US$65 million.
- Impact many customers simultaneously from just a single event due to a cascading shortage of supply for many customers downstream.
- Be related to exposed industries, such as Automotive, Chemical-Pharmaceutical, Electronics and Food.
Furthermore, Contingent Business Interruption (CBI) claims have been increasing in frequency and size since 2012. Covid-19 has also accelerated businesses’ adoption of technology, increasing the cyber-attack surface for hackers to infiltrate a system.
The interdependence of infrastructures means your business must account for risks beyond just the organizational level. This is especially the case for Cyber risks.
Source: European Union Agency for Network and Information Security (ENISA)
We do not operate in silos—we operate in an ecosystem that communicates through cyber means with vendors and systems at varying levels of cybersecurity maturities. Hence, being in such an ecosystem means you cannot just account for your business’s cybersecurity.
Given the ubiquitous use of technology, every new vendor/supply chain partner you have increases your business’s cyber-attack surface area. Cybersecurity is not yet the priority for many businesses and cyber criminals are very aware of these vulnerabilities from which they can launch their attacks.
There are ways to manage your cyber risks holistically.
Your business needs to know how vulnerable you are and how dependent you are on your suppliers—this enables you to know what can be done to manage your Supply Chain risks.
As a risk advisor, Marsh can help with Vendor Management that considers third-party vendor risks from a cyber perspective. We can also advise on managing cyber risk on the supply chain.
