Organisations must respond to avoid repeat of 2008 crisis.
Zurich Insurance Group in collaboration with the international think tank Atlantic Council has published the Zurich Cyber Risk Report, which highlights seven cyber risks that have the potential to become a system-wide risk.
The report points out that increasing reliance on information technology has created a web of interconnected risks for organisations, which if not checked, could snowball into a major system-wide risk, with shocks similar to the 2008 financial crisis.
Seven cyber risks have been identified in the report. These include internal IT enterprise, counterparties and partners, outsourced and contract, supply chain, disruptive technologies, upstream infrastructure, and external shocks.
The report argues the imperative need for cyber-risk management professionals to look beyond the prism of their internal information technology safeguards as various services which are outsourced to third parties can lead to system-wide risks.
Zurich Insurance Group chief risk officer and regional chairman Europe Axel Lehmann said: "Organizations are unknowingly exposed to risks outside their organization, having outsourced, interconnected or exposed themselves to an increasingly complex and unknowable web of networks.
"Few people truly understand their own computers or the internet, or the cloud to which they connect, just as few truly understood the financial system as a whole or the parts to which they are most directly exposed."
The report also calls for organizations to incorporate best practices from financial governance such as creating a G20+20 Cyber Stability Board to enhance cyber risk management and identifying and improving the governance of G-SIIOs (Global Significantly Important Internet Organizations).