Trends in information security and cyber risks management

Digital, data and cyberReportOctober 28, 20163 min read

A new survey, sixth annual, discussing the trends of information security and cyber risk management

Share this

Cyber-governance failures could cost world USD 120 trillion by 2030

As the cyberthreat landscape continues to evolve, companies across all industries find themselves increasingly vulnerable to potential harm from a new breed of cybercriminal.

The recent high profile attacks against Yahoo and Dyn, for example, have once again thrown cybercrime incidents into the spotlight for many companies.  The sheer magnitude and scale of these incidents has made them impossible to ignore, and once again proves that no company is immune to such incidents.

How are businesses responding to these emerging security threats? What risk strategies are they employing to protect themselves and their customers?

Given the high profile stakes of reputational damage, loss of revenue and diminished customer base, companies need to ensure that they are prepared to handle and respond to cyber related incidents and mitigate any damage to their business or brand.  As such, companies have turned their focus on cyber resiliency and making this a key priority for the future.

In the 6th annual Information Security and Cyber Risk Management Survey, co-sponsored by Zurich and Advisen, cyber resiliency has taken center stage as one of this year’s key trends with many companies evidencing their focus on managing this risk.  Some of the key findings from this year’s survey include:

  • 98% of companies surveyed conduct an assessment of their procedures for protecting sensitive data;
  • 97% conduct an assessment of their cyber risk management program;
  • 94% conduct an assessment of their data breach response plan and related capabilities;
  • 84% provide executive education on cyber risk;
  • 79% provide cyber workshops and training for employees

These responses not only represent a significant jump from prior years, but also show the importance that companies are placing on cyber resiliency and proactive risk management around cyber related issues.

Our 2016 findings reveal some marked shifts in approach by the risk professionals, executives and board members we surveyed. This year’s study also takes a deeper dive into the data to reveal new insights, including:

  • Identifying the key industries more likely to purchase security and privacy insurance and engage in risk-management activities
  • How changing attitudes are affecting the cybersecurity roles of IT and legal services
  • The varying dependence on internal vs. external resources for pre- and post-breach situations