Report reveals new trends in cyber risk management

Despite increasing levels of boardroom ownership, many UK firms are still failing to estimate the financial impact of a cyber attack or assess their suppliers and customers for cyber risk, according to research from Marsh.

Marsh’s 'UK Cyber Risk Survey Report 2016' found that board-level ownership of cyber risk among the UK businesses surveyed has increased from 19% in 2015 to 30% this year. Levels of understanding have also increased compared to 2015, with 83% of respondents saying they have a basic or complete understanding of their company’s cyber exposure, compared to 61% last year. IT departments remain responsible for the review and management of cyber risks in the majority (55%) of firms.

Marsh found that only 26% of respondents believe that their organisation’s supply chains are assessed for cyber risks, up slightly from 22% in 2015, despite this being a known source of breach. Furthermore, just 35% of respondents’ organisations have been asked to demonstrate a competent standard of IT security practices by their bank and/or customers in order to do business with them.

CEO, Marsh UK & Ireland, Mark Weil, said the recent increase in board-level ownership and control suggests that the recent series of high-profile cyber incidents has resulted in UK organisations recognising that cyber threats are serious. “We also welcome the growing take-up of cyber insurance as a way for boards to verify in the risk market that their security measures are effective. The gaps in assessing supplier risk and quantifying the scale of cyber threat suggest that there is still plenty to do.”

According to Marsh’s research, 29% of respondents have bought, or are in the process of buying, cyber insurance cover, while an additional 26% are currently engaging with the insurance market and are seeking quotations for cyber insurance.

Marsh’s findings are based on research among risk and finance professionals from large and medium sized firms across the UK.

    Share Story:

YOU MIGHT ALSO LIKE


The Future of Risk & Resilience with AI & Data
CLDigital's Co-Founder, Tejas Katwala, joins CIR Magazine to discuss how CLDigital is transforming enterprise risk and resilience. By integrating business processes, AI and data-centric strategies, organisations can move beyond compliance to proactive risk management – simplifying operations, strengthening resilience, and driving business performance. Listen now to explore the future of intelligent risk management.

Investec is disrupting premium finance – Podcast
Investec made waves in entering the premium finance market, where listening and evolving in response to brokers made a real difference.

Advertisement