Although cyber-risk management is recognized as an enterprise-wide responsibility by many organizations, the IT department still is seen as the front-line defense against information losses and other cyber-liability risks, according to an industry survey of risk-management professionals.

The Zurich-sponsored survey, "A New Era in Information Security and Cyber Liability Risk Management," concludes that this may represent "a significant deficiency in emergency-response planning," noting that the IT department often is not equipped to interpret notification requirements of dozens of states and to marshal the resources necessary to fulfill the requirements of each state following a major breach.

The majority of the 503 respondents recognized the entire organization is responsible for mitigating cyber risks: 57.2 percent responded yes when asked, "Does your organization have a multidepartmental information-security risk-management team or committee?" About 34 percent said no.

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

  • All PropertyCasualty360.com news coverage, best practices, and in-depth analysis.
  • Educational webcasts, resources from industry leaders, and informative newsletters.
  • Other award-winning websites including BenefitsPRO.com and ThinkAdvisor.com.
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.