Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

C-suite concern over cyber risks appears to wane: Survey

Reprints
C-suite concern over cyber risks appears to wane: Survey

Risk management professionals believe their board members and executive management view cyber risk less seriously than they did the prior year, says a survey issued Thursday.

A total of 62% of risk professionals said their board of directors view cyber risk as a significant threat to their organization, which is down from the 83% who said they did so in 2016’s survey, according to the seventh annual survey released by the Zurich Insurance Group Ltd. and Advisen Ltd.

And 60% of the risk professionals surveyed said executive management views cyber risk as a significant threat, compared with 85% in 2016.

A total of 315 respondents participated. This was the first time there was such a finding in the seven years of the survey.

“This could indicate board members have become more comfortable in their understanding of cyber exposures,” says the Security and Cyber Risk Management survey report.

“Or, it could mean risk professionals are not up-to-date on the evolving nature of cyber risk and the possible magnitude of the losses,” it says.

Among other survey results, 35% of the respondents rated data integrity risks as “high risk” compared with 22% who did so for business continuity risks.

In addition, only 53% of respondents knew of changes or upgrades made following high-profile attacks in early 2017.

“This could indicate that risk professionals are either less educated about the exposures, have concluded these exposures are less significant to their business, or are confident (or overconfident) in their cyber security controls,” said the survey report.

“Or the reason could be that risk professionals are not fully aware that the nature of the cyber risk has been evolving beyond data security and toward interconnected risks including business interruption due to malware and ransomware attacks,” it said.

The survey also found many organizations are taking a multifaceted approach to their preparation and response strategies by using a combination of internal and external resources.

The email survey, which was conducted in August and early September, represents businesses of all sizes but is slightly weighted toward smaller companies, with 56% of respondent companies having revenue of $1 billion or less.

 

Read Next

  • Willis Towers Watson calls for board effectiveness to prepare for emerging risks

    Willis Towers Watson P.L.C. has called on listed companies in Singapore and Asia to prepare themselves for emerging risks by addressing the composition and effectiveness of their boards, Middle East Insurance Review reports. Many boards still lack the diversity and specialist skills required to successfully navigate new challenges, the insurance broker said. It is only through diversity of thought and experience – covering functional expertise, market experience, geographic exposure, tenure, and gender – that today's boards will be able to effectively navigate the challenges of the future, it added.