Speaking at the Willis-IATA-AAPA Aviation Insurance conference in Hong Kong today, Armstrong explained that the aviation industry’s under-preparedness is noteworthy in a sector that abhors uncertainty and works tirelessly to eradicate it.
He added that the recent launch of the American Institute of Aeronautics and Astronautics (AIAA) cyber security framework is a good start, supported by the International Air Transport Association (IATA) aviation cyber security tool kit.
However, he warned that regulators, manufacturers and operators are only now waking up to the pervasive nature of cyber threats. “We remain concerned that cyber risk is not viewed as a significant enabler, amplifier or accelerator of existing risk in the portfolio as well as discrete cyber risk posed for example through use of Cloud technologies. This is a Board Room issue representing a sophisticated challenge to sophisticated organisations.” said Armstrong.
“Risk management professionals need to bring a focus to this issue and represent it to their Boards as a significant extension of existing risk as well as an incremental risk to their businesses. While we believe this is predominantly a risk management issue, the insurance industry has a role to play and must ensure that it has the appropriate solutions on offer not only to help companies deal with the financial fallout from cyber breaches, but also to recognise the significant impact cyber has on existing categories of risk and respond with appropriate risk transfer solutions.”
The umbrella term cyber-risk refers to many interrelated human, governance and technological issues, and is an expression of the impact that cyber vulnerabilities have upon the portfolio of risks that a business faces ranging from data protection, business interruption, physical damage, or the inability to trade – for example under the growing threat of cyber extortion.
“The aviation sector is particularly vulnerable to aggregated risk consequent upon cyber vulnerabilities because there is such heavy reliance upon digital capability and the very high degree of integration in a very sophisticated supply chain. Vulnerability and weakness in any part of the supply chain can and does have significant impact on the safety and effectiveness of the whole.” noted Armstrong.
|