Conclusion: The foreseeability of cyber incidents is widely accepted, but many organisations still have not done the work to identify their own exposures and ascertain what they would do in a crisis. The openness of shipping giant Maersk in talking about the impact of the NotPetya malware on the organisation should be viewed through the lens of “what would that look like if it happened to us?” The business impact of NotPetya on Maersk is clear, but so too are many of the risk mitigations that should be put in place before a cyber incident – and many of these are not directly related to technology. Finally, risk management is just as much about recovering from an incident as trying to prevent one.

Existing Client Login

Please complete all required fields!

This advisory paper is only available to IBRS advisory clients. To find out more about becoming an IBRS advisory client complete the attached form and we will be in touch.

Name^*

Please let us know your name.

Email^*

Please let us know your email address.

Number^*

Please enter a valid phone number

Subscribe to IBRS InTouch for weekly updates outlining content and insights from our advisors Invalid Input

^*

I consent to IBRS collecting my details through this form.

Invalid Input

Invalid Input

Read more ...