BY Richard Summerfield
Despite an increase in the number of cyber attacks and data breaches over the last 12 months, including a number of high profile cyber events, there has been a decline in how seriously C-suite executives view cyber risk, according to a report from Zurich and Advisen Ltd.
In ‘The Seventh Annual Survey on the Current State of and Trends in Information Security and Cyber Risk Management’, 60 percent of the risk professionals surveyed said executive management view cyber risk as a significant threat to their organisation. However, this is down significantly from the 85 percent recorded in 2016.
The eroding of the importance of cyber security issues among senior management is a worrying trend, particularly in light of the number of cyber incidents recorded over the last 12 months, as well as the volume and value of the data stolen.
According to the report, only 53 percent of respondents knew of any changes to their companies’ cyber security systems in response to the high-profile attacks that took place in early 2017. Furthermore, growth in the purchase of cyber insurance has gone stagnant after a steady six-year increase from 35 percent to 65 percent.
“These findings may indicate that businesses are not up to speed on the magnitude of impact that business interruption losses are beginning to have on businesses,” said Erica Davis, head of Specialty E&O for Zurich North America. “Businesses must adopt a mindset of resilience that extends beyond the four walls of their organization. As cyber security breaches persist, it is more critical than ever to engage in an ongoing, comprehensive review of all business partner relationships including how those vendors and business partners approach their own exposures and controls and how the vendors’ supplier approach fits into their overall resilience plan.”
A total of 315 respondents, across a spectrum of businesses of all sizes, contributed to the report. Fifty-six percent of respondent were from companies with revenue of $1bn or less.