Survey reveals ignorance over cyber attacks

Over half of European risk managers don’t know whether their organisation has suffered a cyber attack over the past 12 months. The finding was uncovered by global broker Marsh and Chubb Insurance, which also revealed that 69% of financial services, insurance and law delegates surveyed at their annual communications, media and technology (CMT) conference said their concern about cyber risk had increased over the previous 12 months.

Of more concern is the fact that 54% of those surveyed did not know whether their organisation had been subject to a cyber attack, and only 41% had estimated what the financial impact would be to their organisation. One-quarter felt a cyber attack could cost more than $5m.

The problem is compounded by the confusion within organisations as to which department was responsible for cyber risk. Marsh CMT practice leader for Europe, the Middle East and Africa Fredrik Motzfeldt said: “Risk managers continue to have a minority stake in the management of cyber risk. Our research found that 33% of
respondents believed that the IT department was responsible for cyber risk management in their organisations, compared with only 13% who thought it was a matter for the risk management function.”

Another worrying statistic was that only 21% of those surveyed said their organisation had purchased cyber insurance cover, and a mere 11% felt confident that their cyber insurance provision met their organisational
needs, raising questions about the insurance industry’s ability to respond to cyber threats.

Chubb Insurance European technology insurance manager Richard Lambert added: “The insurance market’s response to this is to see an opportunity to develop new products and provide risk solutions to business.
“The fact that only a minority of those surveyed felt that the cyber insurance available in the marketplace today is meeting their needs is a clear call for continued dialogue between the business, legal and insurance communities.”

Marsh and Chubb Insurance’s survey follows the launch of the Cloud Risk Framework, a five-stage process that enables organisations to evaluate the risks and the potential fi nancial impact involved in a shift to ‘the cloud’