The eighth annual Information Security and Cyber Risk Management survey from Zurich North America and Advisen Ltd. is now available. Like earlier survey reports, the 2018 study provides a benchmark for corporate cyber risk strategies and summarizes some of the key cyber concerns on the minds of risk managers of large and middle market companies.
A key trend identified during the eight years of the study has been the growing reliance on insurance by organizations seeking to manage evolving cyber risks. The 2018 study indicates a 10 percentage point uptick in the purchase of cyber insurance from 2017, either as stand-alone policies or by endorsement. This was the largest year-over-year increase since the first Advisen survey.
The report suggests that this growing reliance on cyber insurance is driven in part by two factors: recent regulatory changes and a growing concern about business continuity losses due to a cyberattack directly impacting corporate operations as well as vital supply chains.
Key survey findings include:
- Large companies were 20 percent more likely than their middle market counterparts to have altered their cybersecurity program in the past year due to the evolving threat landscape.
- Nearly twice as many large companies made changes to their cybersecurity controls as a result of the European Union’s General Data Protection Regulation (GDPR) user privacy regulation compared with middle market companies.
- Large companies also expressed a higher degree of concern about business continuity risks than their middle market counterparts, even though middle market companies have been more frequently impacted by business interruption losses.
- Large companies were more likely than middle market companies to mitigate supply chain risk using a variety of tools available to them.
Read the complete survey report for more insights on the state of business of cyber risk awareness and practices.