IT Still Largely Responsible For Cyber Risk, Study Finds

Although cyber-risk management is recognized as an enterprise-wide responsibility by many organizations, the IT department still is seen as the front-line defense against information losses and other cyber-liability risks, according to an industry survey of risk-management professionals.

The Zurich-sponsored survey, “A New Era in Information Security and Cyber Liability Risk Management,” concludes that this may represent “a significant deficiency in emergency-response planning,” noting that the IT department often is not equipped to interpret notification requirements of dozens of states and to marshal the resources necessary to fulfill the requirements of each state following a major breach.

The majority of the 503 respondents recognized the entire organization is responsible for mitigating cyber risks: 57.2 percent responded yes when asked, “Does your organization have a multidepartmental information-security risk-management team or committee?” About 34 percent said no.

But of those who answered the question “Which department is primarily responsible for spearheading the information-security risk-management effort?” 73.2 percent indicated it is the responsibility of the IT department, followed by only 13.2 percent who said it is the risk-management/insurance department’s responsibility.

A total of 86 percent of respondents agreed that cyber and information-security risks pose at least a moderate danger to their organization. However, while information security and cyber risks are widely acknowledged as serious concerns by respondents, cyber-liability insurance is not purchased by a majority of organizations.

When asked “Does your company buy cyber-liability insurance?” 35.1 percent of respondents said yes while 60.1 percent said no. In larger organizations ($1 billion in revenue and above) only a slightly higher percentage respond yes, at 36 percent, compared to 34 percent of the smaller organizations.

About 24 percent of current non-buyers said they are considering a purchase next year.

Top Story

Ferguson burning: 9 scenes of property damage in the wake of the riots

A grand jury in Ferguson, Missouri on Monday declined to indict a local police officer in the August 2014 shooting death of 18-year-old Michael Brown, setting off a night of violent riots in the suburban St. Louis community. Here's the aftermath.

Top Story

Ranked! Here's the safest minivan on the road, and the 4 that fall short

Minivans are the safest vehicles for families, right? Well, maybe not.

More Resources

Comments

eNewsletter Sign Up

PropertyCasualty360 Daily eNews

Get P&C insurance news to stay ahead of the competition in one concise format - FREE. Sign Up Now!

Mobile Phone
         

Advertisement. Closing in 15 seconds.