Shared information = better risk management
Article information and share options
There are so many cyber threats that it’s impossible for one company acting alone to gain a reliable overview of the risk situation. That’s why companies need to work together and share information to improve their cyber security. It’s a classic win-win scenario.
The benefits of information sharing have not gone unnoticed. The European Parliament, for example, has adopted the Network Information and Security Directive (NISD), which will become effective in 2018. One of the NISD’s provisions is to set up a cooperation network for sharing information among member states. It also requires “market operators” that provide “critical infrastructure” to follow a mandatory security breach and incident notification requirement.
There is also scope for cooperation at an industry level. The US, which is at the forefront of cyber risk management globally, has the Electricity Information Sharing and Analysis Center (E-ISAC). As the name suggests, it’s an energy sector association which gathers data on incidents from private and public sector entities and prioritises the protection of critical power services.
There are issues, for example regarding trust and reputation, which may discourage companies from being open about cyber incidents. However, regulatory requirements are becoming more stringent and the cyber threat continues to grow. These developments will induce companies to overcome any hurdles that may lie on the path to pooling information.
As long as the focus is on risk prevention, there is no reason why companies can’t cooperate as they all share the same motivation. Governments have already started to act, it is up to the private sector now to respond and cooperate with the public sector as well as with their industry peers.
A data breach doesn't mean game over. After a cyber-attack we get you back in business.
Learn more about our Cyber insurance solutions.