Only 2% of business are properly insuring for Cyber Risks
That is the shocking conclusion from the panel session held at the recent CBI Cyber Security Conference.
The panel session was chaired by Matthew Fell, Policy Director, CBI and included Giles Smith, Deputy Director Cyber Security and Resilence from DCMS and Steven Wares, Head of Cyber Practice, EMEA, Marsh. London, June 2015.
Despite the attention on Cyber Risk over the past few years it is clear there is much more that needs done if business is to start balancing the risk faced. While progress is being made, it still seems as though there is still reluctance by many to see cyber as a real risk to the business.
Risk managers often find it difficult to connect or understand the subject and many IT professionals continue to see the issues raised as principally an IT issue with few are actively engaging with their risk teams to build a balanced approach. With most organizations now dependent on technology a cyber issue can cripple operations or expose the organization to liabilities from regulators and other stake holders.
Even by applying good basic measures, such as the governments Cyber Essentials Scheme, firms may find they lack the resources to respond and cope with an incident when the expertise and time needed comes with quite a price!
A well structured approach to prevent and mitigate the threat from Cyber, combined with a well thought through Insurance policy, can dramatically change outcomes and help deliver not only an enhanced capability, but also help build competitive advantage. If you'd like to know more about how you can build an effective approach to Cyber Risk Management check out the CRIF Framework on our resources pages.
You might also like ...
Beazley, the pioneer in breach response insurance, announced today the addition of PwC to the panel of specialist service providers available to Beazley Breach Response (BBR) policyholders. Beazley's BBR clients now have access to one of the world's largest forensic services providers to investigate suspected data breaches and network intrusions and contain the issue as swiftly as possible.