A total of 77% of midsize to large companies intend to have some kind of cyber insurance coverage in place within the next 12 months, while 42% of risk managers in the U.S. plan to increase their level of cyber insurance, or purchase it for the first time in the coming year, says Munich Reinsurance Co.
Munch Re which based its conclusion on a survey of 100 risk managers of midsize to large U.S. companies conducted at the Risk & Insurance Management Society Inc.’s annual conference in Denver in April.
Among other survey results, 82% of the risk managers surveyed said they feel there are suitable and adequate cyber insurance policies available to meet their needs.
Of the 23% who do not plan to purchase cyber insurance, five out of six said they feel current insurance offerings do not meet their needs or would not be relevant for their business.
A total of 43% of risk managers are reluctant to use or increase their use of cloud software because of data security risks, according to the survey. Among those, 29% said hacking was a top concern, 25% cited data theft, 22% cited loss of control over data, 13% cited data loss and 11% cited loss of access to data.
“We were surprised that the number of risk managers reluctant to use or increase their use of the cloud computing was not higher,” said Tim Zeilman, vice president of Hartford, Connecticut-based Hartford Steam Boiler Inspection & Insurance Co., a subsidiary of Munich Re. “This seems to indicate that large and mid-sized companies are becoming more comfortable with cloud solutions.”
In addition, 42% of risk professionals said conducting regular network penetration tests is the best way to mitigate risk. Other tactics include: hiring trained security personnel, cited by 16%; conducting automated/centralized security patch updates, 15%; outsourcing information technology applications and data warehousing, 12%; ensuring acceptable use of policies and procedures, 9%; and purchasing insurance, 7%.