Hiscox, an international insurer specialist, released its 2019 Cyber Readiness Report. The survey measures how prepared organizations are if a cyber attack were to occur. The report surveyed 5,400 professionals from seven countries, including the US. An article by TMC News gave a summary of the results and reported claims frequency and severity have both increased since 2018. Additionally, 61 percent of firms experienced a cyber attack last year compared to 48 percent in 2018.
Below are some key findings from the report:
- 72% of organizations plan to increase spending on cybersecurity.
- Only 11% of those respondents indicated they would increase spending on security training and culture.
- 53% of individuals experienced a cyber incident in the past year.
- 45% reported three or more cyber incidents.
- 56% of organizations experienced cyber-related issues in their supply chain risk.
- Only 7% of these respondents evaluated this exposure.
Organizations are starting to realize the severity of potential threats from a cyber attack but many do not have an effective defense plan in place. It is not enough for an organization to increase cyber-related spending—especially limited to technological securities. Organizations must take a holistic approach to maximize this spending and fill in the gaps between security and coverage. This can be accomplished by creating protocols, hiring the right people, training for employees, etc. Cyber incidents come in many shapes and sizes and in many cases properly trained and cyber-literate employees can help prevent many incidents from ever occurring.
Based on the survey results, companies were ranked as “cyber experts” or “cyber novices.” Below is a list of best practices that “cyber experts” are implementing but “cyber novices” are lacking. Take a look and see if your organization would be considered a cyber expert!
- The top executives and board members should believe that cybersecurity is a top priority.
- Organizations should create a cyber budget and create a strategy.
- One or more individuals should be in charge of the cybersecurity strategy.
- Evaluate the supply chain regularly.
- Create a process if a cybersecurity threat were to occur.
- It is important to insure your business with a cyber liability policy.
Speak with an advisor to develop, review or enhance your organization’s cyber risk management protocols and insurance policy.