It's a question you can't ignore, as the costs of online attacks are skyrocketing. According to a 2011 study by the Ponemon Institute, the cost of cybercrime in the US could range from US$1.5 million to US$36.5 million annually. A 2009 study by IT security company McAfee also estimated the cost of cyber crime reaches US$1 trillion per year.

"Cyber attacks, often in the form of data breaches and network intrusions, can impact operations, frequently result in lost productivity, legal expenses, third party liabilities, exposed intellectual property, and damage to a firm's reputation," said Marc Breuil, Hong Kong president and CEO for US-based Chartis Insurance.

"Hong Kong businesses are significantly unprepared for cyber risk," added Ian Pollard, Chartis vice president, Asia Pacific. "A corporate risk management framework needs to address exposure of data to attack, yet many risk managers in Hong Kong rarely evaluate cyber-risk."

In August 2011, Hong Kong Exchanges & Clearing, operator of the Hong Kong stock exchange, halted trading for eight companies -- including HSBC, Cathay Pacific, Dah Sing Bank, China Power, and HKEx --after its Web site suffered a malicious attack.