Duqu 2 malware uncovered
IB Times

Zurich Insurance Group has revealed seven types of cyber-attacks and has warned companies that they need to improve their risk responses to avoid a global shock similar to the 2008 financial crisis.

In a report, entitled Zurich Cyber Risk Report, research shows that risk management professionals still lag behind in understanding how serious certain forms of cyber warfare can impact the overall company and the reliance on information technology has also created a complex web of interconnected risks.

"The internet is the most complex system humanity has ever devised. Although it has been incredibly resilient for the past few decades, the risk is that the complexity which has made cyberspace relatively risk-free can – and likely will – backfire," said Axel Lehmann, group chief risk officer and regional Chairman Europe at Zurich Insurance Group.

"Organizations are unknowingly exposed to risks outside their organization, having outsourced, interconnected or exposed themselves to an increasingly complex and unknowable web of networks.

"Few people truly understand their own computers or the internet, or the cloud to which they connect, just as few truly understood the financial system as a whole or the parts to which they are most directly exposed."

The report, which was created in collaboration with the international think tank Atlantic Council, said the following areas present the most risk for companies:

Zurich Insurance Unveils 7 Deadly Cyber Risks
Zurich Insurance Group

Furthermore, Zurich says that data breaches are today's top concern and a serious risk as 2013 was the worst year so far, with 740 million data files potentially viewed or stolen worldwide.

It recommends the following key steps for businesses to start safeguarding themselves:

Zurich Insurance Unveils 7 Deadly Cyber Risks
Zurich Insurance Group

The report follows closely after another new study, which showed that 60% of IT staff do not tell their bosses about security risks until it has become a matter of urgency.

More than half of IT staff said they will only inform managers when the threat is "serious", and will also try to filter out negative results, according to a report by US cyber expert Dr Larry Ponemon, who surveyed almost 600 individuals working in various sectors of IT.

Meanwhile, some countries are now taken more action over cyber security risk, such as the UK.

IBTimes UK reported on 22 April that around 20 British banks and financial firms will undergo a major round of cyber warfare simulations in a bid to test their resilience against hacking attacks.