One warm evening this summer, while I was sitting on the patio of a downtown restaurant with my girlfriends, someone stole my wallet right out of my purse. Of course, I had everything in it, including my credit cards and personal identification.
Once I realized it was missing, I made the necessary calls. It all happened within just a few hours, but that was long enough for some unscrupulous person to have a nice little shopping spree at my—and the credit card companies’—expense.
My experience isn’t unique or even uncommon; I’ve heard many similar stories. Fraud, it seems, is everywhere.
We live and work in a fast-paced environment where financial transactions are conducted online with immediate results. But the trade-off for a more convenient, integrated and paperless society is an increase in the risks involved—and they’re not limited to petty theft.
Cyber security will be a critical concern for companies going forward, explained Alec Ross, former senior innovation advisor for Secretary of State Hillary Clinton, at the recent Risk Management Conference hosted by Canadian Investment Review. He cited examples of companies that experienced major cyber attacks and paid the price.
Target, for example, was hacked by a 17-year-old in Russia, who exposed 40 million customers’ credit and debit cards, and the personally identifiable information of 70 million customers. The company had a resulting 46% drop in profits in Q4 of 2013.
Saudi Aramco—estimated to be the world’s most valuable company—was the victim of the largest cyber integrity attack. For every day the company was offline, Ross explained, the price of gas at the pump went up by seven cents.
For pension funds, the main concern is an attack from hackers who are trying to displace the assets. But just blink and you might miss it: 10 years ago, said Ross, it took 10 seconds to clear an average trade; today, it takes eight ten-thousandths of a second.
What’s even more alarming is that it’s not just external attacks you need to worry about. “It’s increasingly important to not just think about threats from the outside but to increasingly think about threats from the inside,” said Ross, adding that pension funds should understand their own cyber security and include someone with cyber capabilities on their board.
It’s a brave new digital world out there, with a wealth of new opportunities. But, as a pension plan sponsor, you need to be aware of the risks—or you could be the next victim.
And a word to the wise: don’t ever hang your purse on the back of your chair.
Get a PDF of this article.