Eighth annual Advisen Information Security and Cyber Risk Management survey
October 25, 2018
This year’s report suggests that risk professionals are growing more interested in using insurance to help manage cyber risks.
The eighth annual Information Security and Cyber Risk Management survey from Zurich North America and Advisen Ltd. is now available. Like earlier survey reports, the 2018 study provides a benchmark for corporate cyber risk strategies and summarizes some of the key cyber concerns on the minds of risk managers of large and middle market companies.
A key trend identified during the eight years of the study has been the growing reliance on insurance by organizations seeking to manage evolving cyber risks. The 2018 study indicates a 10 percentage point uptick in the purchase of cyber insurance from 2017, either as stand-alone policies or by endorsement. This was the largest year-over-year increase since the first Advisen survey.
The report suggests that this growing reliance on cyber insurance is driven in part by two factors: recent regulatory changes and a growing concern about business continuity losses due to a cyberattack directly impacting corporate operations as well as vital supply chains.
Key survey findings include:
- Large companies were 20 percent more likely than their middle market counterparts to have altered their cybersecurity program in the past year due to the evolving threat landscape.
- Nearly twice as many large companies made changes to their cybersecurity controls as a result of the European Union’s General Data Protection Regulation (GDPR) user privacy regulation compared with middle market companies.
- Large companies also expressed a higher degree of concern about business continuity risks than their middle market counterparts, even though middle market companies have been more frequently impacted by business interruption losses.
- Large companies were more likely than middle market companies to mitigate supply chain risk using a variety of tools available to them.
Read the complete survey report for more insights on the state of business of cyber risk awareness and practices.