Don’t play Russian roulette with your security

What we know about cyber-risk from public sources is just the tip of the iceberg. Nevertheless, the known dangers are sufficiently grave to have seized the attention of senior corporate executives worldwide. There is a huge amount at stake for businesses, both financially and reputationally. Estimates vary widely, but almost all put the current annual cost of cybercrime to business globally at over $1 trillion. The most commonly cited analysis predicts that, by 2025, that number will reach $10.5tn.

Several dangers have an understandably high profile in the media and boardrooms. Ransomware currently tops almost every list, given the highly substantial payoffs that hackers can demand. In 2021, CNA Financial, a Chicago-based insurance company, handed over $40 million.  

On top of any ransom come the potentially higher costs of the business downtime that usually follows an attack, which typically lasts around three weeks. And cyber-risk is growing exponentially. In EY’s…