CEOs lose sleep over cyber insurance

Palo Alto Networks has published a study revealing that 50% of UK CEOs at large organisations (500+ employees) agree that cybersecurity is a bigger risk to their organisation than economic uncertainty. Furthermore, 51% of CEOs agreed that as cyber risks increase rapidly their ability to insure their organisation against a successful attack keeps them awake at night.

  • 4 months ago Posted in

The study, conducted on behalf of Palo Alto Networks by Censuswide, surveyed a total of 2500 CEOs from the UK, Germany, France, Brazil and the UAE.

Despite the significant growth in the number of cyberattacks, including ransomware, the level of understanding of cybersecurity risks among UK CEOs is lower than their counterparts in the other markets. Only 16% of UK CEOs surveyed feel that they have a complete understanding of the cyber risks facing their organisation, compared to 21% in Brazil, 21% in the UAE, 22% in France, and 39% in Germany.

While the number and type of cyber attack continues to increase rapidly, the findings suggest that CEOs feel detached from responsibility for cybersecurity. One in five UK CEOs (21%) surveyed say that the CIO is wholly responsible for cybersecurity, while 24% acknowledge that they are partly responsible, but see it as mostly the CIOs job.

When it comes to being prepared for a cyberattack, more than three-quarters of respondents (78%) say that they are confident that they have complete and tested plans and systems for threat protection and recoverability, and 74% say that they are confident the organisation is resourced to adapt to changing threats and vulnerabilities.

However, when asked about their preparedness for a ransomware attack, only 36% say that they have an agreed plan to work with incident response experts to recover data and systems, with over a third (34%) saying that they would pay the ransom to release systems and return the data if hit by a ransomware attack.

UK CEOs surveyed are also amongst the least confident when it comes to managing cybersecurity risks across their supply chain and other third parties that they work with. More CEOs in Germany (39%), France (42%) and Brazil (45%) are very confident in their ability to manage supply chain risks than those in the UK (32%).

Commenting on the findings of the survey, Gavin Mee, Vice President, EMEA West & North at Palo Alto Networks, said, “This study highlights escalating concern over cyber risks among CEOs and shines a light on the need for increased dialogue and education about cybersecurity at all levels of an organisation. As the digitalisation of industries expands the attack surface, cybercriminals are becoming more sophisticated, innovative, and persistent, so our goal at Palo Alto Networks is to safeguard the growth of the UK economy and its companies with the very best cybersecurity platforms and services”.

LiveAction has released the newest version of the LiveWire product family which will supercharge network visibility, empower SecOps and NetOps teams and boost packet analysis capabilities by up to 600%.
Once integrated into the WatchGuard Unified Security Platform architecture, the CyGlass technology will deliver AI- and ML-based detection of network anomalies and accelerate Open XDR capabilities.
Intel presents a software-defined, silicon-accelerated approach built on a foundation of openness, choice, trust and security.
BlueVoyant and Qualys join forces to offer an integrated managed service for Qualys VMDR and TotalCloud, delivering an enhanced vulnerability identification, cloud security, and compliance solution.
New cloud-centric platform, purpose-built for small and midsize MSPs, improves customer billing, reduces complexity, and maximizes revenues.
CloudBees has introduced a new cloud native DevSecOps platform that places platform engineers and developer experience front and center.
To mitigate ransomware attacks, IT professionals must consider both business-related and infrastructure data equally.
New solution combines forensics evidence with real-time telemetry to deliver unified insights into security incidents analysts need to perform investigation and response activities with efficiency and speed.