Marsh has united its knowledge and expertise on cyber to launch the second edition of a Continental European-wide study into organizations’ attitudes towards the threat cyber risks pose, processes in place to manage them, and overall understanding and use of cyber insurance as a means of risk transfer.
According to Marsh’s Continental European Cyber Risk Survey: 2016 Report, a moderate increase in risk managers’ awareness of and proactivity with regards to addressing cyber threat year-on-year is being tempered by the work that still needs to be done in terms of awareness and ownership of cyber risk.
Concerns about cyber-attacks are growing and organizations’ level of complete understanding of cyber risks, at 31%, denotes a rise of almost 50% compared with 2015. However, IT departments (68%) continue to be primarily responsible in case of a cyber attack while the board retains responsibility in just 14% of cases, suggesting that even while the risks posed by cyber threats are now being taken far more seriously across organizations, their boards are still not taking ownership of the risk.
More than 700 respondents across Continental Europe who participated in the study also identified business interruption (24%) as the most significant cyber loss scenario, given the potential for a cyber attack to immobilize day-to-day activities. Both of these threats can be covered against in a basic cyber policy, a promising sign that the insurance market is focusing on the right areas.
The procurement of cyber insurance is also on the rise, with nearly half of organizations (47%) who responded to our survey either already covered by a policy or intending to purchase one over the next 12 months.