SCHAUMBURG, Unwell., Oct. 27, 2021 /PRNewswire/ — Zurich North America and Advisen Ltd. have launched the 11th Annual Data Safety and Cyber Danger Administration Survey of company threat managers and insurance coverage consumers revealing present views about data safety and cyber threat administration. This yr’s survey options the very best share of cyber insurance coverage consumers because the starting of the survey 11 years in the past with 83 p.c of respondents carrying some degree of cyber insurance coverage. The survey outcomes point out that threat professionals are more and more conscious of their intensifying cyber dangers and the necessity to handle them utilizing threat mitigation and threat switch. Nevertheless, a deeper dive into the numbers discovered that there’s a lot room for enchancment in constructing cyber resilience.
- Sixty-five p.c of respondents have invested in cyber safety options to mitigate threat, which implies that 35 p.c of respondents nonetheless haven’t.
“At Zurich, now we have been advocating for elevated cyber resilience amongst companies for years so seeing a continued enhance in take up fee and strengthening threat mitigation efforts may be very encouraging,” mentioned Michelle Chia, Head of Skilled Legal responsibility and Cyber for Zurich North America. “The survey outcomes additionally inform us, nonetheless, that extra work must be achieved to extend cyber resilience and we’re dedicated to offering companies the resilience methods they want by way of training and assist.”
The survey outcomes reveal gaps in mitigation efforts amongst respondents particularly associated to threat monitoring, worker coaching and vender threat evaluation efforts.
Danger monitoring: Most threat managers taking the survey should not monitoring cyber threats to their organizations often sufficient. Thirty-two p.c of respondents shared that they monitored for cyber threats month-to-month and 28 p.c simply quarterly. The report states that “…in as we speak’s fast-changing surroundings, even month-to-month risk assessments will depart organizations ill-prepared for each risk actors and their cyber insurance coverage renewals.”
Vendor threat evaluation: At 52 p.c, barely half of the survey respondents say vendor threat evaluation is part of their threat mitigation plans. Additionally, respondents categorized enterprise interruption attributable to expertise failures or provider cyber disruptions solely as a average concern on the listing of their enterprise continuity considerations. With cybercriminals more and more leveraging third-party distributors to launch assaults on a broader scale, firms ought to be forewarned that vendor threat isn’t an space to disregard.
Worker training: Human error is a significant component in profitable cyber safety breaches. With cyber threats evolving day by day, extra frequent coaching alternatives that maintain workers within the loop on threats and assist them establish and thwart efforts by unhealthy actors shall be crucial in minimizing cyber occasions. But solely 17 p.c of respondents point out that their firms supply cyber safety coaching on a month-to-month foundation. Annual coaching is the most typical response chosen at 30 p.c of survey respondents, with 25 p.c conducting worker cyber training on a quarterly foundation.
This yr is the primary time the survey has featured questions on ransomware. Eighty p.c of respondents say they really feel very or reasonably ready to face a ransomware occasion. Nevertheless, respondents additionally fear that irrespective of how a lot they put together, it won’t be sufficient to totally overcome a ransomware assault. A deal with enterprise interruption endured by way of the survey’s ransomware part; and the “unknowns” of ransomware have been obvious within the survey with one respondent including, “Whereas our cyber threat safety efforts appear very strong, it is troublesome to know what we do not know.”
Different key findings of the 2021 survey embody:
- The laborious cyber insurance coverage market is hitting consumers on all fronts together with retention, limits, value, and protection. Respondent feedback present vital worries a few “fully dislocated” market with triple-digit fee will increase, shrinking coverages, and skepticism over whether or not insurers adequately analyze efficient loss prevention measures.
- Consumers’ frustration with the cyber insurance coverage market’s coverage wording varies from provider to provider, which makes it troublesome for coverage holders to check options.
Contemplating the present state of the insurance coverage market, threat managers will discover pre-breach mitigation planning and glorious cyber safety controls to be necessary for underwriters. This yr’s survey highlights just a few areas the place threat managers could also be lagging and the place their insurance coverage companions can supply training and assist.
“This survey reveals that prospects are involved with the altering market and what it’s going to imply to their renewal course of,” added Chia. “Danger managers are searching for protection that protects their enterprise on the proper value and are additionally searching for options to mitigate their threat. With so many unknowns, they could discover that the solutions to enterprise resilience are proper in entrance of them within the type of threat mitigation.”
For 11 consecutive years, Zurich North America and Advisen Ltd. have collaborated on this survey designed to achieve perception into the present state of and ongoing traits in cyber threat administration and insurance coverage.
The outcomes mirror the responses of almost 400 respondents representing threat managers, insurance coverage consumers and different threat professionals overlaying each massive and small firms world wide. Finance, banking and insurance coverage industries are probably the most extremely represented. Different industries with vital illustration included manufacturing, building, skilled providers, academic establishments, healthcare and expertise. Corporations with between $1 billion and $10 billion in income comprised 30 p.c. Giant companies with greater than $10 billion in income represented 10 p.c, however most respondents got here from smaller and center market firms (lower than $1 billion in income) at 61 p.c.
events can hyperlink to the whole survey outcomes at