Zurich Insurance released the fifth annual Advisen cyber survey of U.S. risk managers looking at ongoing trends in information security and cyber liability.
The key findings, analysis and conclusions were presented at the Advisen Cyber Risk Insights Conference in New York, on Tuesday. The results reflect responses from more than 400 respondents representing U.S.-based risk managers, insurance buyers and other risk professionals covering both large and small companies.
"This year's cyber survey shows that demand for coverage and higher limits has increased tremendously and we at Zurich have seen double-digit growth year over year," said Bryan Salvatore, president of Specialty Products for Zurich North America. "That is why we are heavily invested in identifying risks and delivering solutions and why we are committed to staying at the forefront of this issue."
Cyber liability coverage up 26% in 2015
The survey revealed that the overall upward trend of organizations purchasing cyber liability insurance is accelerating in 2015, up 9% over 2014. There has been a 26% increase in the number of business respondents with cyber liability coverage.
Other key findings include:
- Two-thirds of respondents have either increased their policy limits or are considering increasing their limits. The vast majority of respondents purchase cyber coverage on a stand-alone basis.
- Organizations are increasingly developing data breach response plans, up 10% since last year.
- About 93% of respondents are at least moderately concerned about cyber-related business interruption (BI) & contingent business interruption (CBI) exposures – with 23% extremely concerned.
- Risk professionals increasingly view cyber risks as an extremely serious threat.
- Boards and executive management continue to view cyber risks more seriously.
- The primary reason why respondents have yet to purchase coverage is that their superiors do not see the need.
- Privacy violation/data breach of customer records is the biggest concern of respondents.
- More organizations view information security as an organizational challenge rather than just an issue to be addressed by the Information Technology (IT) department.
The survey touched on some emerging risk issues, suggesting that resilience requires an understanding of changing exposures, including those created due to an increased reliance on technology. Social media, it says, has many positives, but also exposes organizations to certain risks, like reputational damage, privacy issues, and data breaches. About 76% of respondents said their companies have a written social media policy.
67% of companies use cloud services
The cloud, credited for its cost effectiveness and storage capacity, has become a popular alternative to storing data in-house. Although some organizations are not comfortable storing proprietary information on someone else's server, the benefits continue to outweigh the security concerns. About 67% of respondents said that their company uses cloud services.
The security of non-company controlled mobile devices is becoming a matter of great concern to organizations. About 79% have a mobile device security policy. In three years, the percentage of respondent companies that have instituted a "bring your own device" policy have increased from 36% to 56%.
The Internet of Things (IOT) has become a new challenge, and is defined as everyday objects that have network connectivity. Businesses increasingly look to smart technology to increase efficiency and overall competitiveness. About 43% of respondents said their company is exposed to the IOT.
"With the increase in frequency and severity of data breaches and new exposures continuing to surface, these results enhance our ability to help businesses better understand and protect themselves from cyber-related risk," added Salvatore.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.