Cyber risk remains misunderstood despite growing concern among risk managers: Marsh
Despite mounting concerns about cyber risk and the potential financial and reputational consequences of information security breaches, leading organizations across Europe are failing to integrate cyber threats fully into their risk management strategies.
According to new research, risk managers are considerably more concerned about the perceived threat of cyber risks to their organizations than 12 months ago. In a survey conducted at a Marsh’s recent annual Communications, Media and Technology (CMT) conference, and published by Marsh and Chubb Insurance, 69 percent of the CMT, financial services, insurance and law delegates questioned said that their concern about cyber risk has increased over the previous 12 months.
Although the perceived threat of cyber risk is on the rise, Marsh and Chubb Insurance’s research suggests that awareness and understanding of cyber risk among the insurance and risk management community remains low:
Fredrik Motzfeldt, CMT Practice Leader for Europe, the Middle East and Africa (EMEA) at Marsh, commented: “Risk managers are right to be concerned about cyber risk. These threats will become considerably more acute for organizations as a result of our growing dependence on technology and web-based solutions such as cloud computing.
“Despite these concerns, risk managers continue to have a minority stake in the management of cyber risk. Our research found that 33 percent of respondents believed that the IT department was responsible for cyber risk management in their organizations, compared to only 13 percent who thought it was a matter for the risk management function.
“Cyber risks pose too great a risk to the continued success of organizations to be misunderstood. Closer alignment to the risk management function is a vital first step to countering this threat and ensuring that a risk based approach to IT investments is adopted.”
Only 21 percent of respondents to the survey stated that their organization currently purchased cyber insurance cover. Additionally, the research found that only 11 percent of respondents felt confident that their current cyber insurance provision meets their organizational needs, raising questions about the insurance industry’s ability to respond to cyber threats.
•Date: 12th June 2012 • UK/Europe •Type: Article • Topic: ISM