Most companies don’t have enterprise-wide cyber approach
Reprints
Although nearly 75% of organizations have experienced cyberattacks, most companies have not adopted an enterprise-wide approach to cyber risk, says a report issued Thursday.
The survey of more than 650 global cyber risk leaders conducted by Marsh LLC and Microsoft Corp. also found that while ransomware is considered the top cyber threat faced by companies, other prevalent cyber threats include phishing and social engineering attacks; privacy breaches; business interruption because of external supplier/partner cyber disruption; and denial of service attacks.
The survey found that 61% of survey respondents’ organizations buy some type of cyber coverage, which was a 30% increase since the last, 2019 survey.
While 79% of organizations have a response plan in place, 40% of respondents say their organization’s overall cyber hygiene needs improvement, and just 3% rated theirs as excellent.
Among other survey findings, 53% of organizations believe the largest barrier to cyber risk assessments is not having the right employees or talent to do so, while 33% say not having the right data is an obstacle in evaluating new technologies.
The survey also found that vendor and supply chain issues lag among cybersecurity actions taken.
