Loss or damage of data information an issue for more companies, industries says Marsh exec

Data is increasingly being regarded as an asset since discussions around cyber security and privacy have moved beyond the realm of e-commerce to touching all types of organizations and industries today, Greg Eskins of Marsh Canada suggested during a presentation in downtown Toronto Tuesday. 

“The loss or damage of data information is an issue, I think, that has been overlooked in years past, but I would say most of us today, if you’ve taken account of your business, probably data makes up a significant asset,” Eskins, vice president of financial institutions and professional services practices, said during the cyber insurance session at the Ontario Risk and Insurance Management Society’s Professional Development Day.

“The loss of revenue due to a computer attack, a breach or a hack is certainly something that’s more relevant to more organizations today,” Eskins said. “That used to be only for those who were involved in e-commerce. That’s no longer the case because most organizations communicate, therefore generally derive at least a little bit of revenue from working between each other,” he explained.

Of course, all types of data must be considered. With privacy information, for example, “typically the government is more concerned with personal information,” Eskins told delegates. “But what I would say is don’t lose track of the corporate confidential information that you may hold,” he said.

“You may have corporate confidential information on business partners, about their processes, the various ways they do things and, obviously, that is just as much of a concern as is the financial information of your employees or your clients,” Eskins emphasized. Citing the Coca-Cola formula as an example, “if that information became public, it would effectively destroy a brand and it would bring with it billions of dollars of damages and liability,” he said.

“We all connect through technology,” Eskins told attendees. “The reality of the situation is that despite the best security in the world, ultimately, if there are those who are looking for information that you have, inevitably you can very well be hacked.”

The comment was not meant as fear mongering, but rather to encourage introduction of as many protections as possible. “Not unlike your property programs where you have extra expense to respond to a fire that knocks out a physical building, certainly if your IT systems and infrastructure were down, there would be significant expense to get that back up and running,” Eskins said.

With respect to business interruption, a recent study indicated unplanned outage of IT is the number two concern, second only to adverse weather events, including natural catastrophes, he reported. “What that tells us is regardless of the industry you’re in – manufacturing, service, health care, retail, what have you – the fact is there’s a significant dependence on IT and interconnectedness in doing business,” Eskins said.

“Not many organizations that I know go without protecting their organization on the physical property side of business interruption. But when we talk about cyber, it’s just one in which people don’t really think about the fact that if provider X was down, that’s going to impact me materially.”