The corporate perspective on cyber risk over a 10-year horizon
Article information and share options
Swiss Re, in collaboration with IBM®, undertook a global survey of companies at the beginning of 2016. The broad aim was to find out more about how corporates perceive the impact of digital interconnectedness on their business, and the measures they are adopting to monitor and manage those risks. The main findings are summarised below:
Almost half of the corporations surveyed consider cyber risks of digital interconnectedness to be greater than other risks. They were most concerned about accidental exposure or corruption of data and malicious corruption or theft of data. Cyber crime is seen as the biggest potential threat in ten years.
Corporations also see third-party risk becoming more of an issue than first-party losses over the next ten years. The companies most concerned by third-party liability are those which handle large volumes of confidential data. This will become a sensitive issue, as data breaches will soon be subject to mandatory reporting requirements in Europe.
In spite of the acknowledgement of cyber risks and the perceived imminent rise in third-party liability (which is costly), corporations do not invest widely in cyber cover. However, that is likely to change as over 70% of respondents said they would invest in cyber insurance in future for risks stemming from interconnectedness.
As regards employee skills, there is also room for improvement. Approximately 60% of respondents were not confident that their workforce had adequate skills to cope with the cyber threat. However, over a ten-year horizon that number drops significantly (to about 19%). That suggests these companies have plans to address their training needs.
It appears that corporations are aware of cyber risks and expect the threat to increase. Demand for insurance is therefore bound to rise. Moreover, companies will probably aim to cooperate with insurers and benefit from their expertise in risk mitigation, especially regarding employee training and managing third-party risks.
A data breach doesn't mean game over. After a cyber-attack we get you back in business.
Learn more about our Cyber insurance solutions.