Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Cyber risk remains misunderstood despite growing concern among risk managers: Marsh

Despite mounting concerns about cyber risk and the potential financial and reputational consequences of information security breaches, leading organizations across Europe are failing to integrate cyber threats fully into their risk management strategies.

According to new research, risk managers are considerably more concerned about the perceived threat of cyber risks to their organizations than 12 months ago. In a survey conducted at a Marsh’s recent annual Communications, Media and Technology (CMT) conference, and published by Marsh and Chubb Insurance, 69 percent of the CMT, financial services, insurance and law delegates questioned said that their concern about cyber risk has increased over the previous 12 months.

Although the perceived threat of cyber risk is on the rise, Marsh and Chubb Insurance’s research suggests that awareness and understanding of cyber risk among the insurance and risk management community remains low:

  • Over half (54 percent) of respondents did not know whether their organization had been subjected to a cyber attack in the last 12 months;
  • Only 41 percent said that their organization had estimated the financial impact of a cyber attack; yet one-quarter felt that a cyber attack could cost their organizations in excess of $5 million.

Fredrik Motzfeldt, CMT Practice Leader for Europe, the Middle East and Africa (EMEA) at Marsh, commented: “Risk managers are right to be concerned about cyber risk. These threats will become considerably more acute for organizations as a result of our growing dependence on technology and web-based solutions such as cloud computing.

“Despite these concerns, risk managers continue to have a minority stake in the management of cyber risk. Our research found that 33 percent of respondents believed that the IT department was responsible for cyber risk management in their organizations, compared to only 13 percent who thought it was a matter for the risk management function.

“Cyber risks pose too great a risk to the continued success of organizations to be misunderstood. Closer alignment to the risk management function is a vital first step to countering this threat and ensuring that a risk based approach to IT investments is adopted.”

Only 21 percent of respondents to the survey stated that their organization currently purchased cyber insurance cover. Additionally, the research found that only 11 percent of respondents felt confident that their current cyber insurance provision meets their organizational needs, raising questions about the insurance industry’s ability to respond to cyber threats.


•Date: 12th June 2012 • UK/Europe •Type: Article • Topic: ISM

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here