A major cloud firm outage could cost $120bn, warn insurers

A major cloud computing firm could cause as much financial damage as Hurricane Sandy or Hurricane Katrina, World Economic Forum and risk manager Marsh has warned

Posted 18 January 2018 by Gary Flood

We’ve talked about security a lot in terms of cloud computing the past couple of years.

Maybe the word we should now start using is risk.

That’s the sobering takeaway of a warning in the new World Economic Forum’s 13th annual Global Risks Report, which has found that the international business community now sees “cyber risks” as the fastest-growing concern among businesses, rising from sixth on last year’s list of top 10 risks to their operations..

But the warning has been taken beyond that vague “cyber threats” to the possible impact of a third party crashing a major cloud company: “If an attacker took down a major cloud provider, the damages could be $50bn (£36bn) to $120bn, so something in the range of a [Hurricane] Sandy event to a Katrina event.”

The warning comes from an expert called John Drzik from risk management specialist Marsh, who also points out that cyber attacks now cost around $1 trillion in damage per year compared to 2017’s record of $300bn for natural disasters.

“Cyber is at or above the scale of natural catastrophes, and yet the comparative infrastructure against it is much smaller in scale,” Drizik adds.

“Think about the government agencies and the voluntary organisations which focus on the response to natural disasters, versus national cyber agencies which are much less resourced’ they have some capacity, but not enough to deal with a significantly growing risk.

“International protocols have yet to emerge in dealing with cyber risk.”

The Forum’s report also reports that extreme weather events held on to the top spot but have now been joined by natural disasters, while refugee crises and terror attacks both got rated as less of a threat, according to the survey.