Cyberwar: Is the Sky Falling or Are We Just Paranoid?

Ara Trembly
Insurance Experts' Forum, April 5, 2010

Sometimes the line between legitimate worry and pathological fear can be very thin. Certainly, in a business like insurance, we want to be sensitive to various threats and risks, but when do we say that we’re carrying that sensitivity too far? Most of us would be happy to be characterized as prudently cautious, but no one wants to be called paranoid.

In a recent Wall Street Journal piece, two U.S. senators—Jay Rockefeller (D-WV) and Olympia Snowe (R-Maine)—are saying that our country should prepare for a cyberwar. The article notes that the U.S. needs to prepare for cyber-attacks that could “disrupt or disable vital information networks,” and “cause catastrophic economic loss and social havoc.”

In light of the recent attacks on Google, as well as other such events linked to China, Russia and unaligned hacking syndicates, it certainly seems prudent to recognize such threats and take steps to mitigate them. Yet, I am also hearing some who characterize the threat as overblown, and who point to the fact that previous cyber-attacks have not had such catastrophic consequences. While they may sincerely feel this way, however, I wonder how much of their largesse finds its origins in the economic realm. In other words: “Let’s not tick off China because we can make billions on that market.”

The current “what, me worry?” crowd reminds me a lot of people who were saying the same sorts of things prior to Sept. 11, 2001. Sure, we had terrorists attempting to blow up the World Trade Center, attacks on American embassies overseas, and the sinister attack on the U.S.S. Cole, but these were not major catastrophes, they claimed. While the families of those killed might care to differ, it’s likely that many in this country felt the same way at that time.

Moving back to the cyber-realm, it certainly is reasonable to think that while we haven’t had a 911-like cyber-incident yet, there are those who are dedicated to making it happen. The source of the threat may or may not be the same, but surely we have seen enough in the way of attacks to believe that more are coming—and that the next one could be a blockbuster.

So we are left with a choice. We can bury our respective heads in the sand and pretend that nothing horrible could happen, or we can pull out all stops to prevent what could easily be catastrophic consequences to our businesses, our infrastructure and our people. Call me paranoid if you like, but if it’s up to me, I’m going to err on the side of caution and put safety and security before profits and dollar diplomacy.

After all, isn’t that what we’re all about in the insurance industry?

Ara C. Trembly ( is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on do not necessarily reflect those of Insurance Networking News.

Comments (1)

What is too paranoid?
If you had told me on September the 10th that a bunch of niutjobs might hijack fully loaded airliners and fly them and full speed into some of our iconic buildings, killing thousands I probably would have laughed at you.

Have you noticed how the new Chinese helicopter resembles the European Merlin to the point of being identical. The blatantly copy cars. motorcyles, sneakers and electronics with impunity

The Chinese know they can't grow their economy making low value stuff so they figure they can accelerate their economic growth by ripping off IP from western nations.

The fact is that the US is an information economy and relies on services like Finance, Insurance etc. A major attack could cripple the international financial system. Even a 24 hour interruption in the flow of capital could cause potentially fatal damage to major institutions.

Preventing cyber attack is like any worst case scenario exercise - you have to balance the cost of the improbable/unexpected with the cost of preventing it.

Posted by: Mark E | April 10, 2010 9:59 AM

Report this Comment

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

What Can Insurers Learn from Home Depot?

The latest cyber-attack highlights the importance of helping policy holders defend themselves.

Not Your Father’s Insurance Company

Carriers need to look at new and impactful ways to be there for their customers.

Watch Out. Apple with Mayo is Heading Your Way

From a health care, health insurance and Internet-of-things perspective, questions still remain.

How to Attract Top Tech Talent

When it comes to rankings of the best places to work, insurers are few and far between. Here’s what those who make the lists do to appeal to IT professionals.

New Generation of Data and Analytics in Cloud

Cloud-based data and analytics products are becoming more common among technology companies, small and midsize businesses and departments.

Aligning People, Processes and Technology for Successful Data Governance

Before your data governance project turns into a nightmare, create a data governance team to help people understand and manage the big data challenge, not just their respective pieces.