Cyber security rises to the top of the boardroom agenda

Cyber security is now considered to be an executive responsibility, with 54% of CEOs in European companies taking responsibility for it, according to new research from Lloyd’s, the specialist insurance and reinsurance market.

  • 7 years ago Posted in
owever, many businesses still underestimate the potential impact of a cyber event, with only 13% of European companies believing that they will lose trade in the event of a cyber attack.

The Lloyd’s ‘Facing the cyber risk challenge’ survey, which examined the attitudes of European business leaders towards cyber risk, also revealed that whilst 92% of businesses had experienced some form of cyber breach in the last five years, only 42% are worried that another incident will happen in the future.

Lloyd’s Chief Executive, Inga Beale, believes the results should serve as a warning that firms may still be too complacent as regards how they are prepared for a cyber risk incident and what the implications of one could be for their business.

Inga Beale said:
“It is reassuring that responsibility for cyber risk is sitting at the most senior level of businesses, but it is clear that too many firms do not believe that the dangers of a breach will severely impact them. I’m afraid we no longer live in a world where you can prevent breaches taking place, instead it is about how you manage them and what measures you have in place to protect your business and importantly, your customers. As recent events have shown, hard-earned reputations can be lost in a flash if you do not have the correct plans in place.”

Inga Beale said that insurance can provide a critical role in helping businesses in this environment, not just in terms of cover for any financial losses, but for the support regarding meeting regulatory obligations and dealing with potential operational and reputational fall-outs.

“New Europe-wide regulations will mean that businesses have to be more responsive to any cyber incident than may have been the case in the past. Insurance companies provide more than just cover for any lost income, they offer a wrap-around service that can keep businesses on the right side of regulation and help protect their customers and their reputation.”

With the incoming General Data Protection Regulation (GDPR), organisations handling EU citizens’ data will be required to report breaches within 72 hours and will face potential fines of up to ˆ20million for failing to secure data. Despite the implications, 57% of business leaders also worryingly admit not fully understanding the potential implications of the GDPR on their company.

The key points highlighted by the survey were:

  • 92% of business suffered a cyber security breach in the last five years
  • However only 42% are concerned another breach will happen in the future
  • Although 97% of respondents have heard of the GDPR, only 7% report knowing “a great deal” about it. 57% said they know “little” or “nothing”
  • Awareness of the implications the GDPR could have upon a business: regulatory investigation (64%), financial penalties (58%), impact on share price (57%) and reputation (52%). Only 13% of businesses believe they could lose customers in the event of a breach
  • Top internal threats identified as being able to result in a data breach: physical loss of paper or non-electronic devices (42%), an insider intentionally breaching information (42%), human error or unintended disclosure (41%), lost, stolen or discarded equipment (41%)
  • Top external threats identified as being able to result in a data breach: hacking for financial gain (51%), hacking for political motivations (46%), hacking by competitor (41%), phishing (39%), ransomware (37%), malware (32%)
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...