Tips for Managing Business Risk

Every type of business encounters some level of financial, legal or operational risk. The frequency and severity of these risks depend on the type of services or goods provided by the company, external factors including geography and the overall economy and the business’s use of risk management strategies.

Businesses that adopt a risk-based approach to strategic planning are more likely to thrive. The ability to effectively mitigate, avoid, transfer, and accept risks can minimise the impact of an unforeseen circumstance and accelerate a company’s ability to recover.

Risk Defined

In order to create an effective risk management strategy, you must first understand the concept of risk.

Business Risk is the possibility of your business, or business division encountering an unintended negative circumstance.

Knowing what risks to take and which to avoid is key. That’s where risk management comes in.

What is Risk Management?

Risk management is the process of identifying and minimising the risks that your company is exposed to.

Once you have identified the risks specific to your business, there are several strategies you can put in place to effectively manage them.

1. Observe Safety Procedures

Following the Occupational Health & Safety regulations of your industry is essential and adhering to these rules is the first step to reducing your business risk. For example, if you work in construction, ensuring everyone that is on-site wears a hard hat is not optional, it’s imperative.

 2. Take Preventative Measures

Risks specific to your business are not always covered in OH&S guidelines. Management must consider what these are and put preventative measures in place to reduce the business’ exposure to them. For example, insisting that company passwords are not shared out-with the business can prevent a possible data breach.

3. Monitor Risks

Identifying your risks and risk reduction strategies is the first step to effectively managing your risk, however risk management doesn’t stop there.   Your business risks should be constantly refined and updated as the business evolves. Changes within your industry, regulatory structure, supplier circumstances, customer behavior or economic environment can all affect your risk portfolio, positively or negatively.

4. Get Insured

Risks that cannot be easily managed or mitigated can be covered by business insurance. For example, theft, damage by severe weather conditions and risk of facing an employee lawsuit, are almost impossible to predict. As a business owner, you can access a wide variety of insurance polices to find the most appropriate cover for your business or assets.

5. Create a Risk Response Plan

Mitigating and avoiding risks are an important part of risk management, but they can’t stop every risk. Having an effective risk response plan in place will help your organization recover in the event that a risk does occur. Contingency and backup plans can help ensure your operations and systems are as resilient as they can be.

It takes effort and expertise to effectively manage your business’ risk, but it’s an important part of your strategic operations. Knowing when it is and isn’t appropriate to take risks, and which risks are worth taking makes a huge difference to your business’s success.

Speak to your PSC Connect Authorised Representative for advice on managing business risk.

Disclaimer

Conditions apply for each policy and the information expected from you for a policy to trigger. Coverage may differ based on specific clauses in individual policies. Please ask your broker to explain the additional benefits and exclusions pertaining to your policy.

The information provided is general advice only and does not take account of your personal circumstances or needs. Please refer to our financial services guide which contains details of our services and how we are remunerated.

Aviation Industry Vulnerable to Cyber Attack

On Sunday the 12th of April, Hobart International Airport became the latest victim of cybercrime when its website was infiltrated and defaced with a statement supporting the radical group, Islamic State.

The airport’s website was shut down when police were made aware of the attack at around 3.30am on Sunday the 12th, and wasn’t back online until more than 48 hours after the incident. Australian Federal Police are investigating the incident, confirming that it replicates a number of recent attacks on other websites worldwide that use the same web hosts as the airport.

The attack on Hobart International Airport came just weeks after Peter Armstrong, head of cyber strategy for The Willis Group, presented on the matter of cyber security at the Aviation Insurance Conference in Hong Kong. Armstrong warned that the aviation sector was “particularly vulnerable in the cyber risk space,” fears that have been echoed across the Risk Management and Technology industries. IT experts, Infosec Institute have recently claimed cyber terrorism to be “replacing the bomber and hijacker and becoming the weapon of choice when it comes to attacks against the aviation industry.”

So, why has the risk increased for the aviation sector?

Cyber attacks provide a low-cost, low risk means to carry out disruptive activity with an aim to damage a business, gain financially or further a political agenda. As the aviation industry relies on integrated computer systems for almost every aspect of the business, it is more susceptible to an attack of this nature. The IT system of an aviation business hosts a wealth of private information that is extremely attractive to a hacker. Furthermore, as it is often interlinked with a variety of other systems industry wide, the sheer size and integration of the system provides cyber criminals with more scope to carry out their activities once inside.

The American Institute of Aeronautics has recently launched a cyber security framework for the sector, however Peter Armstrong warned that it’s not enough to mitigate the risk. He warned that aviation companies are only just beginning to consider cyber security to be a significant risk, which is a huge oversight that potentially leaves them open to an attack.

Risk managers within aviation organisations and indeed any organisation that holds sensitive information should work more closely with their brokers in order to gain a better understanding of cyber crime and how to reduce the likelihood of becoming the next victim.

A Cyber Insurance policy provides specific cover to businesses to protect them against cyber attacks online, such as the Hobart Airport example. Depending on the circumstances, a Cyber Insurance policy may include:

  • Privacy Protection – Third party claims from a failure to keep data secure.
  • Breach Costs – Reimbursement of your own costs when a data breach occurs.
  • Cyber Business Interruption – Compensation for lost or reduced revenue.
  • Cyber Liability – Third party claims as a result of content in email, on the intranet, extranet or website.
  • Hacker Damage – Reimbursement for costs to repair, replace or restore systems and data as a result of a hack.
  • Cyber Extortion – Payment of ransom demands, and specialist consultant fees, where a hacker holds, or threatens your network, programs or data.

For more information, speak to your PSC Connect Authorised Representative.

Disclaimer

Conditions apply for each policy and the information expected from you for a policy to trigger. Coverage may differ based on specific clauses in individual policies. Please ask your broker to explain the additional benefits and exclusions pertaining to your policy.

The information provided is general advice only and does not take account of your personal circumstances or needs. Please refer to our financial services guide which contains details of our services and how we are remunerated.