Asian Transport Industry Sees Digital Vulnerability as No. 1 Risk - Willis Towers Watson Study

Asia's concern over digital vulnerability higher than any other region Digital risks need to be handled at a corporate level Cyber insurance lags behind the fast-evolving nature of such attacks

HONG KONG, CHINA - Media OutReach - 2 March 2017 - Top executives in Asia's transportation industry see digital vulnerability as their primary business risk, reflecting the changing causes and nature of risk in their business, and the need to elevate managing cyber threats to a board-level responsibility, according to a new study from leading global advisory, broking and solutions company Willis Towers Watson (NASDAQ: WLTW).

Based on interviews with 350 C-suite executives in the transport industry globally, of whom 71 are from Asia, the Willis Towers Watson 2016 Transportation Risk Index sheds light on the top perceived threats over a 10-year horizon. It comes at a time when supply chains in the region are becoming increasingly digitalised and interconnected, prompting tighter regulation of data protection and disclosure of breaches.

Participants were asked for their views on 50 specific risks under five broad categories, or megatrends. Executives from Asia ranked digital vulnerability as the top megatrend (table 1) and gave it a risk score[1] higher than any other region did (table 2). The cyber threat was top of the list of specific transportation risks, followed by third-party security vulnerability, particularly in the supply chain, and changes in demand owing to macro-economic conditions (table 3).

"Digitalisation's impact is felt across business sectors, and the transport sector is no exception when you consider the growth of internet of things, artificial intelligence , driverless cars, robo-workers, and smart cities, " said Mark Hue Williams, Head of Transportation Industry for Willis Towers Watson.

Hue Williams added that digital risk mitigation is not the exclusive responsibility of risk managers or IT managers. "Cyberattacks and resulting breaches have broad technical, financial, operational and reputational consequences. Organisations need to take a holistic view -- one that includes their organisational culture -- and form strategies accordingly at a corporate level. In addition, risks lie in each link of the supply chain. So there's a collective responsibility to which every participant in the supply chain must be accountable, not only to their shareholders but also to their business partners."

In Asia, a leading security company said its own cyber-intelligence monitoring revealed that more than a quarter of its transportation sector customers were targeted with advanced cyberattacks during the first half of 2016[2] .  

In terms of cyberattacks, a report[3] issued by Microsoft Asia in January revealed that three of the top five destinations for cyberattacks during the first half of 2016 were in Asia Pacific. 

As cyberattacks become increasingly prevalent in the region, regulators across markets including China and Singapore have tightened rules governing how companies must handle data and disclose any breaches.

China passed a new cybersecurity law in November 2016, requiring enterprises to improve their ability to defend against cyberattacks, while demanding security reviews for equipment and data in certain strategic industry sectors. Transport is a sector classified as "critical information infrastructure" in the new law, which takes effect on 1st June 2017.

Singapore also plans for a new cybersecurity bill to be tabled in parliament in 2017 to better secure its critical information infrastructure. 

"Tighter regulations are pushing companies in the region to attach greater importance to cyber security," said Hue Williams. "Executives must ensure their preparedness and response plans will withstand questioning from shareholders and the public in the wake of a breach."

Despite the prevalence of cyberattacks and tighter regulations across the region, the insurance sector hasn't moved anywhere near as fast. "While insurers are offering various cyber insurance products, the challenges involved in pricing and underwriting cyber-risks have constrained the ability of insurers to fully penetrate this market," said Hue Williams.

"The difficulty stems from the fast evolving nature of cyber-crime, which makes past data unlikely to be predictive of the future. Few historical claims also result in a lack of precedents for reference in applying policy terms and conditions. These challenges have led insurers to be more cautious in their policy offerings," Hue Williams added.

  Table 1: Asia and Australasia megatrend rankings

M egatrend rankings


1.      Digital vulnerability and rapid technological advancement


2.      Geopolitical instability and regulatory uncertainty


3.      Changing market dynamics and business model insecurity


4.      Complex operating models in an interconnected world


5.      Talent management and the complexities of a global workforce


Table 2: CRS for digital vulnerability across different regions





Central Asia

North America

Latin America

Asia and Australasia

Middle East and Africa







Table 3: Top 10 specific transportation risks for Asia and Australasia

Top 10 specific risks


Under which m egatrend

Increased security threat from cyber and data privacy breaches


Digital vulnerability and rapid technological advancement

Third-party security vulnerability digital supply chain resilience


Digital vulnerability and rapid technological advancement

Change in demand due to macro-economic conditions


Complex operating models in an interconnected world

Staff retention


Talent management and the complexities of a global workforce

Inability to keep up with pace of change and technological advancement


Digital vulnerability and rapid technological advancement

Illiquidity and the availability of competitive capital


Changing market dynamics and business model insecurity

Increased complexity of regulation


Geopolitical instability and regulatory uncertainty

Pricing strategy pressure


Changing market dynamics and business model insecurity

Threat from new and emerging competitors


Changing market dynamics and business model insecurity

Globalisation of customer base


Geopolitical instability and regulatory uncertainty



Willis Towers Watson's 2016 Transportation Risk Index is a comprehensive survey commissioned to measure the transportation industry's risk environment as seen through the eyes of 350 senior executives that work for air, sea, rail and road-transport companies. Among those who participated in the survey were 110 CEOs and 80 CFOs. Willis Towers Watson also conducted in-depth interviews with selected executives to gain greater insight into the risks they face. A full copy of the research including infographics that can be re-published on request is available here .


Willis Towers Watson (NASDAQ: WLTW) is a leading global advisory, broking and solutions company that helps clients around the world turn risk into a path for growth. With roots dating to 1828, Willis Towers Watson has 40,000 employees serving more than 140 countries. We design and deliver solutions that manage risk, optimize benefits, cultivate talent, and expand the power of capital to protect and strengthen institutions and individuals. Our unique perspective allows us to see the critical intersections between talent, assets and ideas -- the dynamic formula that drives business performance. Together, we unlock potential. Learn more at

[1] Each risk is measured by a Combined Risk Score (CRS), which is calculated by combining the severity of the risk's impact and the difficulty of managing it.

[2] FireEye, Inc.

[3] Microsoft Security Intelligence Report, Volume 21

Purchase this article for republication.



Your daily good stuff - AsiaOne stories delivered straight to your inbox
By signing up, you agree to our Privacy policy and Terms and Conditions.