© Gerd Altmann

Risk assessment firm joins cybersecurity venture

A global provider of risk management has announced it is participating in a Horizon 2020 project.

Aon Risk Solutions, the global risk management business of UK-based Aon plc, said it will take part in the ‘Wide-impact cyber security risk framework’, or WISER project aimed at tackling risk of cyber-attacks. By 2017, it is intended that WISER will provide a cyber-risk management framework to assess, monitor and mitigate cyber-risks.

The Innovation Action project, which runs for two years, has a budget of nearly €3.4m, of which just over €2.5m is drawn from Horizon 2020. The project is co-ordinated by ATOS Spain and the consortium also includes participants from Norway, Slovenia, France and Italy.

Speaking about Aon’s participation, Bill Peck, chief commercial officer of Aon Risk Solutions, Europe, the Middle East and Africa, said “Growing business concern about cyber risk was recently highlighted in Aon’s Global Risk Management Survey. Working under a European Commission initiative will ensure that business, government and legislators’ priorities are aligned to commercial needs across the EU, as this emerging risk continues to develop”.

Adding his thoughts, Giorgio Aprile, director of financial industry advisory services, said: “Aon’s involvement in this WISER project will drive practical business outcomes such as a real-time IT assessment platform and a cyber-risk exposure model for non-traditional aspects of cyber-risk”.

The WISER risk platform targets critical infrastructures or highly complex cybersystems that demand real-time and cross-system assessment of vulnerabilities and threats. It is hoped that the project’s analytical tools will be simple and easy to use, facilitating security managers and risk managers in understanding such complex systems. Both private and public sector organisations will be able to assess the potential loss in a specific business context and help determine tolerance range.

WISER will carry out three full-scale pilots allowing organisations managing critical infrastructures to not only anticipate threats in real-time, but also comply with new EU regulations for reporting serious attacks.