- Lloyd's Brussels office officially opens for business ready for Brexit
- World Economic Forum's Regional Risks for Doing Business report indicates significant differences in risk perceptions across the eight regions covered-cyber attacks heads most developed regions
- IAIS concludes 25th annual Conference-“We are now beginning a pivot to a greater focus on emerging and accelerating trends impacting both our developed and emerging market Members, including FinTech, cyber risks, climate risk and sustainable development challenges" says Secretary General.
- Pool Re publishes its annual Terrorism Threat & Mitigation Report focusing on the key terrorist events and developments in 2018
- Marsh-JLT Specialty formed
- Allen to chair LMA Finance Committee
- Oman joins IAIS Multilateral Memorandum of Understanding (MMoU) expired
- InsurTech Iotatech raises £1m in second round of funding expired
- Startupbootcamp InsurTech appoints Manjit Rana as managing director for Corporate Innovation in Insurance expired
- RSA to restructure its specialty and wholesale business on a more focussed basis expired
- Sedgwick acquires Irish loss adjuster expired
- AXIS Capital estimates Hurricane MIchael losses at $100-120m expired
20th June 2018
New global survey from Economist Intelligence Unit(EIU) and Willis Towers Watson highlights majority of executives around the world feel their organisations can do better when it comes to learning from their past cyber mistakes
A majority of executives around the world feel their organisations can do better when it comes to learning from their past cyber mistakes, according to the results of a newly released global survey conducted by The Economist Intelligence Unit(EIU) and Willis Towers Watson. The EIU surveyed over 450 companies across the globe about their strategies and the challenges they face in building cyber resilient organisations. While most organisations regard themselves as doing a good job on incident response, only 13% said their organisations were above average in incorporating learnings from cyber incidents into resilience strategies.
The survey found little consensus among boards and executives on cyber resiliency planning, including the deployment of strategies across the organisation, where to allocate funds, and what areas of the organisation are most at risk. The split in cyber preparedness was also apparent across geographies, as North American companies contrast strongly with their peers in Asia and, to some extent, the EU on issues such as expectations for frequency and impact of cyber-attacks, and confidence in their ability to recover from a breach. Interestingly, of the four regions surveyed (North America, UK, Europe and Asia), the UK had the highest rate of perceived cyber resiliency at 21%.
Some other key findings of the report include:
The average corporate cyber resilience spend was about 1.7% of revenue, and 96% of board members believe that isn’t enough
-North America spent the highest on cyber-resilience as a percent of revenue(2-3%), whereas the other regions spent between 1-2% or less
-Among executives, there is little consensus on how to allocate cyber budgets–but very close responses were given between “technology to harden cyber-defences” and “IT talent acquisition, skills training/development”
-3 out of the 4 regions believe that the “board as a whole” should oversee cyber risk, while Europe disagreed saying it should be a dedicated cyber group.
“It’s important for companies to understand that achieving cyber resiliency is a company-wide imperative, one that shouldn’t be sequestered to certain roles or functions,” says Anthony Dagostino, global head of cyber risk with Willis Towers Watson. “Boards should emphasize the need for a strategic framework, and the C-Suite should set the tone within their organisations by empowering stakeholders, such as IT, Risk, HR, legal and compliance to drive an integrated risk management and resiliency strategy. While technology will remain a crucial defense, more than half of cyber incidents are attributable to employee behaviour and talent deficits in cybersecurity roles, so investing in other areas such as human capital solutions and cyber insurance have to become part of regular board and C-Suite conversations.”
Willis Towers Watson Trends(136 articles)
Economist Intelligence Unit Trends(23 articles)
Cyber Trends(792 mentions in Insurance Newslink)