Board-level ownership of cyber risk rising but gaps remain: Marsh
- Published: Friday, 16 September 2016 08:38
Despite increasing levels of boardroom ownership, many UK firms are still failing to estimate the financial impact of a cyber attack or assess their suppliers and customers for cyber risk, according to research by Marsh.
Marsh’s UK Cyber Risk Survey Report 2016 found that board-level ownership of cyber risk among the UK businesses surveyed has increased from 19 percent in 2015 to 30 percent this year. Levels of understanding have also increased compared to 2015, with 83 percent of respondents saying they have a basic or complete understanding of their company’s cyber exposure, compared to 61 percent last year. IT departments remain responsible for the review and management of cyber risks in the majority (55 percent) of firms.
However, Marsh found that only 26 percent of respondents believe that their organization’s supply chains are assessed for cyber risks, up slightly from 22 percent in 2015, despite this being a known source of breach. Furthermore, just 35 percent of respondents’ organizations have been asked to demonstrate a competent standard of IT security practices by their bank and/or customers in order to do business with them.
According to Marsh’s research, 29 percent of respondents have bought, or are in the process of buying, cyber insurance cover, while an additional 26 percent are currently engaging with the insurance market and are seeking quotations for cyber insurance.
Marsh’s findings are based on research among risk and finance professionals from large and medium sized firms across the UK.