Published On: Fri, Mar 3rd, 2017

Asian Transport Industry Sees Digital Vulnerability as No. 1 Risk – Willis Towers Watson Study

  • Asia’s concern over digital vulnerability higher than any other region
  • Digital risks need to be handled at a corporate level
  • Cyber insurance lags behind the fast-evolving nature of such attacks

 

 

HONG KONG, CHINA - Media OutReach - 2 March 2017 – Top executives in Asia’s transportation industry see digital vulnerability as their primary business risk, reflecting the changing causes and nature of risk in their business, and the need to elevate managing cyber threats to a board-level responsibility, according to a new study from leading global advisory, broking and solutions company Willis Towers Watson (NASDAQ: WLTW).

wtw

Based on interviews with 350 C-suite executives in the transport industry globally, of whom 71 are from Asia, the Willis Towers Watson 2016 Transportation Risk Index sheds light on the top perceived threats over a 10-year horizon. It comes at a time when supply chains in the region are becoming increasingly digitalised and interconnected, prompting tighter regulation of data protection and disclosure of breaches.

 

Participants were asked for their views on 50 specific risks under five broad categories, or megatrends. Executives from Asia ranked digital vulnerability as the top megatrend (table 1) and gave it a risk score[1] higher than any other region did (table 2). The cyber threat was top of the list of specific transportation risks, followed by third-party security vulnerability, particularly in the supply chain, and changes in demand owing to macro-economic conditions (table 3).

 

“Digitalisation’s impact is felt across business sectors, and the transport sector is no exception when you consider the growth of internet of things, artificial intelligence, driverless cars, robo-workers, and smart cities,” said Mark Hue Williams, Head of Transportation Industry for Willis Towers Watson.

 

Hue Williams added that digital risk mitigation is not the exclusive responsibility of risk managers or IT managers. “Cyberattacks and resulting breaches have broad technical, financial, operational and reputational consequences. Organisations need to take a holistic view — one that includes their organisational culture — and form strategies accordingly at a corporate level. In addition, risks lie in each link of the supply chain. So there’s a collective responsibility to which every participant in the supply chain must be accountable, not only to their shareholders but also to their business partners.”

 

In Asia, a leading security company said its own cyber-intelligence monitoring revealed that more than a quarter of its transportation sector customers were targeted with advanced cyberattacks during the first half of 2016[2].

 

In terms of cyberattacks, a report[3] issued by Microsoft Asia in January revealed that three of the top five destinations for cyberattacks during the first half of 2016 were in Asia Pacific.

 

As cyberattacks become increasingly prevalent in the region, regulators across markets including China and Singapore have tightened rules governing how companies must handle data and disclose any breaches.

 

China passed a new cybersecurity law in November 2016, requiring enterprises to improve their ability to defend against cyberattacks, while demanding security reviews for equipment and data in certain strategic industry sectors. Transport is a sector classified as “critical information infrastructure” in the new law, which takes effect on 1st June 2017.

 

Singapore also plans for a new cybersecurity bill to be tabled in parliament in 2017 to better secure its critical information infrastructure.

 

“Tighter regulations are pushing companies in the region to attach greater importance to cyber security,” said Hue Williams. “Executives must ensure their preparedness and response plans will withstand questioning from shareholders and the public in the wake of a breach.”

 

Despite the prevalence of cyberattacks and tighter regulations across the region, the insurance sector hasn’t moved anywhere near as fast. “While insurers are offering various cyber insurance products, the challenges involved in pricing and underwriting cyber-risks have constrained the ability of insurers to fully penetrate this market,” said Hue Williams.

 

“The difficulty stems from the fast evolving nature of cyber-crime, which makes past data unlikely to be predictive of the future. Few historical claims also result in a lack of precedents for reference in applying policy terms and conditions. These challenges have led insurers to be more cautious in their policy offerings,” Hue Williams added.

 

Table 1: Asia and Australasia megatrend rankings

Megatrend rankings

CRS

1.      Digital vulnerability and rapid technological advancement

62

2.      Geopolitical instability and regulatory uncertainty

60

3.      Changing market dynamics and business model insecurity

51

4.      Complex operating models in an interconnected world

49

5.      Talent management and the complexities of a global workforce

39

 

Table 2: CRS for digital vulnerability across different regions

Regions

Europe,

Russia,

CIS,

Central Asia

North America

Latin America

Asia and Australasia

Middle East and Africa

CRS

45

44

46

62

53

 

Table 3: Top 10 specific transportation risks for Asia and Australasia

Top 10 specific risks

CRS

Under which megatrend

Increased security threat from cyber and data privacy breaches

45.0

Digital vulnerability and rapid technological advancement
Third-party security vulnerability digital supply chain resilience

44.1

Digital vulnerability and rapid technological advancement
Change in demand due to macro-economic conditions

42.1

Complex operating models in an interconnected world
Staff retention

41.6

Talent management and the complexities of a global workforce
Inability to keep up with pace of change and technological advancement

40.4

Digital vulnerability and rapid technological advancement
Illiquidity and the availability of competitive capital

40.2

Changing market dynamics and business model insecurity
Increased complexity of regulation

40.1

Geopolitical instability and regulatory uncertainty
Pricing strategy pressure

39.8

Changing market dynamics and business model insecurity
Threat from new and emerging competitors

39.7

Changing market dynamics and business model insecurity
Globalisation of customer base

39.0

Geopolitical instability and regulatory uncertainty

 

About the Author

- Paul Linus is an eminent online journalist who has been writing news, features and editorials on different websites from across the world for about a decade.

Composite Start -->
Loading...