From emerging risks to core business

As part of its comprehensive risk management, Swiss Re also addresses "emerging risks": newly developing or changing risks that are difficult to quantify and whose potential impact on our business is not yet sufficiently taken into account.

Based on the assessments through our SONAR process, we have been highlighting selected emerging risks by publishing a case study in each of our Corporate Responsibility Reports since 2007.

Two of these emerging risks, in particular, have become highly relevant for our business since we first identified them: "Critical infrastructure" and "Cyber attacks". Below you can read our original assessments of these risks and how we have been addressing them.

Infrastructure

"Critical infrastructure" is one of the emerging risks that have become relevant for our core business since we first highlighted it.

We first drew attention to "critical infrastructure" as an emerging risk by including a case study in our 2008 Corporate Responsibility Report.

Our original assessment

This is an excerpt from the original case study (the full text is available (PDF:) here):

"The term critical infrastructure is used to denote various types of infrastructure whose damage or disruption would seriously undermine public health and safety, the environment and social well-being. In many parts of the world, critical infrastructure is aging, mainly due to insufficient maintenance, underinvestment in renewal and complex ownership structures. … Insurance could be a powerful tool in stimulating sufficient risk transfer solutions and investment in critical infrastructure."

"Critical infrastructure" has since become an important topic for our asset management, risk dialogue and underwriting. As long-term investors, re/insurers can make a tangible contribution to bridging the emerging infrastructure financing gap. For this, the right pre-conditions need to be set, though.

Recent activities and initiatives:

Our activities on the topic of infrastructure are regularly updated here.

Cyber attacks

"Cyber attacks" is one of the emerging risks that have become relevant for our core business since we first highlighted it.

We first drew attention to "cyber attacks" as an emerging risk by including a case study in our 2011 Corporate Responsibility Report. At the time we focused on risks potentially created for Supervisory Control and Data Acquisition (SCADA) systems.

Our original assessment

Below is an excerpt from the original description (the full case study is available (PDF:) here):

"Today, most large industrial plants and critical infrastructure facilities, such as power generation & distribution or oil/gas production & distribution, are increasingly controlled by webs of computers, commonly known as Supervisory Control and Data Acquisition (SCADA) systems. … Because their critical information software is increasingly connected to global data and communications networks, these SCADA systems could be vulnerable to cyber attacks. … Cyber attacks on SCADA systems may lead to failure of the impacted facility, energy blackouts, fire, explosion, injuries or even fatalities and contamination of the environment. In all these cases, the insurance industry would be directly affected. ... The objective must be to translate these threats into manageable risks."

"Cyber attacks" has since become a topic of general importance for our risk management, stakeholder dialogue and compliance procedures. Internally, we have responded to the increasing threat of cyber risks by further strengthening our data protection provisions.

Recent activities and initiatives

Our activities the topic of cyber attacks are regularly updated here.