BOARDS are failing to protect their companies and customers against cyber attack, despite more companies taking out cyber insurance, according to new research.
Less than a third of boards surveyed in Marsh’s UK Cyber Risk Survey Report 2016 are taking responsibility for cyber risk, though this is a rise from 19% in 2015. Fewer still are assessing the wider risk to their companies and customers via the supply chain.
Just over a quarter of respondents said their company’s supply chains are assessed for cyber risks, up slightly from 22% in 2015, meaning the majority are leaving themselves exposed through third-party suppliers.
Cyber risk is no longer just about data security, an attack has the potential to result in operational disruption, physical damage, bodily injury, and perhaps most important of all, reputational and brand damage.
The recent Cyber Security Breaches Survey 2016 report published by the government found that 65% of large organisations and 51% of medium organisations have suffered a security breach in the past 12 months.
The number of companies saying they have a basic or complete understanding of their company’s cyber exposure has risen to 83% compared to 61% last year, according to the survey.
“The gaps in assessing supplier risk and quantifying the scale of cyber threat suggest that there is still plenty to do,” Mark Weil, CEO, Marsh UK & Ireland, said.
IT departments remain responsible for the review and management of cyber risks in the majority of companies. Although IT departments might know how to implement cyber security, they are not necessarily skilled in identifying business-critical risk or mapping the potential operational and financial impacts on a company.
Marsh’s research showed that 29% of respondents have bought, or are in the process of buying, cyber insurance cover. An additional 26% are seeking quotes for cyber insurance.
The survey found that while more than two-thirds (67.6%) of organisations have planned for sources of funding in the event of a cyber-attack, Marsh said it questioned the adequacy of the methods given that just 35.4% of them have conducted or estimated the financial impact.
What can you do to ensure your employees know the company policy and stick to it? Hear from other CFOs and experts in our free-to-view video
What are the next big technologies which can help keep cyber criminals at bay?
The application of robotics in finance functions is moving faster than predicted. Although, companies are cautious in how they are applying artificial intelligence to ensure results first, many are stepping up their investigations
Co-operative Group is trialling a new blockchain technology that can be used to track food from source to ensure its authenticity and sustainability