'Cyber is Uncharted Territory And It’s Going To Get Worse…’

During the recent shareholder’s meeting of the celebrated investment firm Berkshire Hathaway the company’s CEO Warren Buffett warned that there’s about a 2% risk of a $400 billion disaster occurring as a result of a cyber-attack

“This is uncharted territory and it’s going to get worse, not better. You’re right in pointing that out as a very material risk that didn’t exist 10 to 15 years ago, and will get more intense as time goes on,” Buffett said, replying to a question about how he prepares for a big cyber-related disaster.

Berkshire Hathaway’s insurance arm offers professional liability with cyber insurance, but Buffett said he doesn’t want his company to be a pioneer in the arena, since it’s largely unpredictable.

A Known Unknown

“I think anybody that tells you now that they think they know in some actuarial way either what general experience is likely to be in the future, or what the worst case would be is kidding themselves. And that’s one of the reasons I say that a $400 billion event I think has a roughly 2% probability per year of happening.”

Buffett said that while insurance companies have a pretty good idea of the probability of an earthquake happening in California or a major hurricane hitting Florida, cyber disasters are still an unknown.

“Frankly, I don’t think we or anybody else really knows what they’re doing when writing cyber [insurance],” Buffett said. “It’s just really, really early in the game. We don’t know the interpretation of the policies will be. We don’t know the degree to which they’ll be correlated.”

The Bad Guys Are Always Ahead
Buffett also explained that when he speaks to cyber-security experts, they tell him that the offense is always ahead of the defense, and that will continue to be the case. That’s a smart call, and exactly how big tech companies currently think of the cybersecurity landscape. To offset this, the companies actively hunt for ways attackers could penetrate their systems and plug those holes before hackers can find them.

After all, the world runs on software, and software is written by humans who are just as flawed as you and me. No matter how much they try, they’ll still end up accidentally inserting some kind of error into their code that can be exploited. That’s just how the system works.

This isn’t the first time Buffett has opined on cybersecurity. In 2017, the CEO said he doesn’t understand much about cyber-attacks, but said that it is “the number one problem with mankind.” He even went so far as to compare cyber-attacks to nuclear and biological weapons.

That might seem like an exaggeration, but cyber-attacks can impact everything from elections, like the Russian meddling campaign during the 2016 elections, all the way up to nation state attacks on critical infrastructure like nuclear power plants. 
And unlike nuclear and biological weapons, cyber weapons are being created and used regularly.

But it’s not all doom and gloom, as Buffett pointed out that while a $400 billion cyber-attack will destroy companies, Berkshire would still likely turn a profit in the same year.

Yahoo Finance

You Might Also Read: 

About Cyber Insurance:

Global Cyber Attack Could Cost $53Billion:

Will Cyber Insurance Providers Reward Good Security?:
 

 

« How Do Hackers Hide Their IP Address?
NSA Spies Triple Text and Phone Collection »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Kenna Security

Kenna Security

Kenna Security is a risk intelligence & vulnerability management platform that helps prioritize and remediate vulnerabilities.

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU CCIS is a national centre for research, education, testing, training and competence development within the area of cyber and information security.

Cymbel

Cymbel

Cymbel provides businesses and government agencies with the tools and expertise they need to manage the most complex security and compliance challenges.

limes datentechnik

limes datentechnik

limes datentechnik is an authority in the fields of cryptography and data compression. The FLAM product family is an internationally accepted standard for efficient and safe handling of data.

Government CSIRT - Chile

Government CSIRT - Chile

Government CSIRT is the Computer Security Incident Response Team for State networks and government cyberspace in Chile.

C2A Security

C2A Security

C2A Security offers a comprehensive suite of cyber security solutions for the automotive industry, providing in-vehicle end-to-end protection.

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) undertakes cyber security research and plays a leading role in securing Pakistan’s Cyberspace.

Digital Management (DMI)

Digital Management (DMI)

DMI is a provider of mobile enterprise, business intelligence and cybersecurity services.

Nanitor

Nanitor

Nanitor is a powerful cybersecurity management platform focusing on hardening security fundamentals across your global IT infrastructure.

Amazon Web Services (AWS)

Amazon Web Services (AWS)

Amazon Web Services is the world’s most comprehensive and broadly adopted cloud platform, offering fully featured services from data centers globally.

CCX Technologies

CCX Technologies

CCX Technologies design and develop a wide range of cybersecurity and testing solutions for the aviation, and military and government markets.

Anonos

Anonos

Anonos is a global software company that provides the only technology capable of protecting data in use with 100% accuracy, even in untrusted environments.

Sycope

Sycope

Sycope is focused on designing and developing highly specialised IT solutions for monitoring and improving network and application performance.

Bluerydge

Bluerydge

Bluerydge specialises in cyber security and technology, focusing on the delivery of innovative sovereign solutions through trusted, cleared and experienced professionals.

Modat

Modat

Modat is an AI-powered, research-driven company focused on developing products and services that enable cybersecurity professionals to outpace adversaries.

Federal Office for the Protection of the Constitution (BfV)

Federal Office for the Protection of the Constitution (BfV)

The Federal Office for the Protection of the Constitution (Bundesamt für Verfassungsschutz - BfV) is the domestic intelligence services of the federal government of Germany.