2018年8月31日星期五

HKSTP SPARK Seminar on Cyber Security Threat Update

The HKSTP SPARK seminar named “Cyber Security Threat Update” was organized by SPARK on 31 Aug 2018.  SPARK is a dynamic community in the heart of Science Park.  Today’s seminar invited experts from MARSH to discuss the cyber risks, trends and impact, as well as, ways to protect organization.  Ms. Naureen Rasul (Cyber Leader, Asia, MARSH) was the first speaker.  She briefed the cyber risks based on MMC Cyber Handbook (2018) that hackers were 80% more likely to attack organization in Asia but 78% of internet users in Asia had not received any education on cybersecurity.


Then Ms. Naureen Rasul introduced top 5 risks most likely increase in Asia.  


Based on Marsh/Microsoft Global Cyber Risk Perception Survey in 2017, Financial (31%) was the top targeted industry.


In Fintech, top six security threats were Ransonware, Malicious emails, Phishing emails, IoT, Password hygiene and Software vulnerabilities.


Then Ms. Rasul briefed GDPR impact in Hong Kong.


Finally, she mentioned some best practices for handling cyber risk included four basic components of risk management that were Avoidance, Mitigation, Transfer and Acceptance.


The second speaker was Ms. Sharon Kerr (FINPRO Leader, Asia, MARSH) and she shared insurance solution.  She introduced simplified data breach timeline such as Discovery, First Responses, External Issues and Long-term Consequences.  


She briefed the stand-alone cyber policy included first party costs and other expense, as well as, third party liability and defense costs.


There were four types of insurance policies that were Crime, Professional Indemnity, Directors and Officers, and Cyber.


Finally, she mentioned risk transfer options in Property, Cyber and Casualty.


Lastly, Ms. Naureen Rasul introduced their Cyber Assessment and Analytics service that included Cyber Threat Environment Assessment and Cybersecurity Program Maturity Assessment.


At the end, she shared what underwriter looking for items to us.


Q&A session
Participants interested on service charge and benefit.  Ms. Rasul said it based on what kind of service your organization needs and it should be small amount on company’s IT budget.  I asked about Professional Indemnity Insurance coverage such as GDPR.  She said it could cover but depended on different country regulation.


Reference:

沒有留言:

發佈留言