Enterprise risk management plays the key role in identifying cyber risks: RIMS Cyber Survey 2015
- Published: Tuesday, 09 June 2015 14:24
Due to the tremendous publicity and new information regarding the impact of a cyber attack, organizations have placed greater emphasis on developing risk management strategies to proactively address these exposures. RIMS, the risk management society, conducted its first Cyber Survey 2015 to explore strategies implemented by risk professionals including insurance investments, exposures, cyber security ownership, government involvement, as well as identification methods and response procedures.
Key findings from the RIMS Cyber Survey 2015 include:
- 51 percent of respondents purchase stand-alone cyber insurance policies;
- 58 percent of those with cyber insurance policies carry less than $20M in cyber coverage, while 49 percent of those are paying over $100k in premium;
- 74 percent of those without cyber coverage are considering procuring coverage in the next 12-24 months;
- 77 percent of respondents credit enterprise risk management for identifying cyber risk;
- The top three first party exposures reported are:
- Reputational harm (79 percent)
- Business interruption (78 percent)
- Data breach response and notification (73 percent).
The survey features input from 284 of RIMS’ Professional Members in the United States. The majority of the survey respondents represented organizations with excess of $1 billion US in revenue (58 percent).
The full survey is available to both RIMS members and non-members in the RIMS Risk Knowledge library.