A marriage of technology and risk expertise
Our new sponsors Fujitsu bring their world-renowned technical expertise. Their arrival as our first-ever technology associate partner reflects Airmic's strategy of helping members diversify their skillsets in an area that will continue to become more and more business-critical. Haroon Malik, Director at Fujitsu spoke at the latest annual conference and reflects on what the new relationship means.
We are proud to be working with Airmic. Whilst your members are experts at risk management, we know a thing or two about technology. The combination of skills could be game-changing for companies, and we would like to help.
It is clear from your recent survey, as well as our own discussions, that technology risks and their potential impact are key concerns for risk managers. These include data breaches, cyber-attacks and the knock-on effects such as business interruption events and the risk of falling behind as competitors and disrupters take advantage of digital capabilities.
A better understanding of digital risks will help your members in their conversations with their IT functions, something that many find difficult, and to consider risk mitigation strategies that go beyond insurance. As was said many times at the conference, the cyber-resilience agenda is far too important to leave to the IT department on its own and must be included within board room discussions.
Perhaps even more important, the knowledge will help them in their discussions with the C-suite. Another recurring theme was the importance of engaging the board fully with the subject of digital risk. Information gives you influence and the ability to talk about these matters with confidence at the highest level
Concern over cyber-security is growing across all sectors of the global economy and the insurance sector faces a challenge in dealing with the complex threat landscape as cyber-risks grow and cyber-criminals become ever more sophisticated. While the insurers recognise cyber as a top-level risk, many firms still struggle to develop and implement strategies that include 'getting the basics right'.
Some examples may include developing processes for policy development, patching, privileged access management and security awareness - areas that still lack focus in many organisations. Organisations must also move away from treating cyber-security as a 'tick box' exercise and instead adopt an intelligence-led approach to mitigate threats and improve cyber-resilience. Cyber-risk management and governance are also vital to ensure that cyber is receiving the senior (and many cases board-level) attention it deserves.
After 40 years in the field of security, Fujitsu believes that the answer to improving cyber-resilience lies in intelligence-led security. A holistic approach to security that works to identify, detect and protect organisations from security threats.
We are currently in discussion with Airmic about ways to put our expertise at members' disposal in a mutually beneficial way and anticipate there will be something to announce shortly.
Haroon Malik is Cyber Security Consulting Director at Fujitsu UK
Members have consistently told us how important cyber and technology risk are and that they want to improve their knowledge of this business-critical area. They have also said they want a shift in the balance towards more enterprise risk management, so I am delighted that Fujitsu has agreed to help in this way. On a personal level I am also proud to see my employer joining Airmic as Technology Associate Partner.
Commentary from Airmic chair Lynda Lucas