BOARDS are failing to protect their companies and customers against cyber attack, despite more companies taking out cyber insurance, according to new research.
Less than a third of boards surveyed in Marsh’s UK Cyber Risk Survey Report 2016 are taking responsibility for cyber risk, though this is a rise from 19% in 2015. Fewer still are assessing the wider risk to their companies and customers via the supply chain.
Just over a quarter of respondents said their company’s supply chains are assessed for cyber risks, up slightly from 22% in 2015, meaning the majority are leaving themselves exposed through third-party suppliers.
Cyber risk is no longer just about data security, an attack has the potential to result in operational disruption, physical damage, bodily injury, and perhaps most important of all, reputational and brand damage.
The recent Cyber Security Breaches Survey 2016 report published by the government found that 65% of large organisations and 51% of medium organisations have suffered a security breach in the past 12 months.
The number of companies saying they have a basic or complete understanding of their company’s cyber exposure has risen to 83% compared to 61% last year, according to the survey.
“The gaps in assessing supplier risk and quantifying the scale of cyber threat suggest that there is still plenty to do,” Mark Weil, CEO, Marsh UK & Ireland, said.
IT departments remain responsible for the review and management of cyber risks in the majority of companies. Although IT departments might know how to implement cyber security, they are not necessarily skilled in identifying business-critical risk or mapping the potential operational and financial impacts on a company.
Marsh’s research showed that 29% of respondents have bought, or are in the process of buying, cyber insurance cover. An additional 26% are seeking quotes for cyber insurance.
The survey found that while more than two-thirds (67.6%) of organisations have planned for sources of funding in the event of a cyber-attack, Marsh said it questioned the adequacy of the methods given that just 35.4% of them have conducted or estimated the financial impact.
O2's new CFO Patricia Cobian discusses the joined-up approach required to improve digital connectivity - and its vital role in improving the UK's economic growth prospects
The emergence of the challenger banking sector and fintech in general is creating strong opportunities for accountants with retail banking skills
View our archived webinar, including Oracle and a host of ‘Fast Data’ experts, to discover how financial professionals can help create a Fast Data business
Yahoo’s data breach highlights difficulty in determining whether unauthorised access to data has occurred
Cyber risk is a dynamic threat as criminals seek more creative ways of extracting value from reputable businesses. The new wave of attackers are sophisticated and skilled, and may lie low inside a network for weeks, or months, before taking definitive actions