More than three-quarters (77%) of risk managers in the U.S. plan to have some level of cyber insurance coverage in place in the next 12 months, according to a Munich Re survey. Of the 23% that do not plan to purchase cyber, five out of six say that current insurance offerings do not meet their needs or are not relevant to their business.
The study, conducted at the Annual Conference of the Risk and Insurance Management Society (RIMS) in Denver, also reports that 42% of risk managers plan to increase their level of cyber insurance or purchase cyber for the first time.
Nearly half of the risk managers (42%) say that conducting regular network penetration tests or security audits is the best way to mitigate risk. Other ways they lessen cyber risk:
- Hiring trained security personnel to handle the cyber exposure (15%)
- Conducting automated/centralized security patch updates (15%)
- Outsourcing IT applications and data warehousing (12%)
- Ensuring acceptable use of policies and procedures (9%)
- Purchasing insurance (7%).
"For businesses, it's far easier and less expensive to prevent a cyber-related loss than to recover from one," said Eric Cernak, Vice President of Hartford Steam Boiler, a subsidiary of Munich Re. "Regular network penetration tests along with automated security patches should be a key component of a company's risk mitigation plan. These actions greatly reduce the probability of incurring loss due to a cyber incident."
Skepticism regarding cloud security remains, as 43% of risk managers are reluctant to use or increase cloud software. Among those individuals, hacking (29%), theft of data (25%), loss of control over data (22%), loss of data (13%) and loss of access to data (11%) are top concerns.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.