Cyberattacks are the new normal. It seems each week a news outlet reports yet another high-profile data breach affecting businesses and consumers. Even so, many companies fail to realize the severity of the threat.
In fact, a recent report from the Federation of European Risk Management Associations (FERMA) reveals that, surprisingly, only 16% of companies have designated a chief information security officer to oversee cyber-risk and privacy, and less than half have a strategy for communicating a cyber-risk incident to the public.
The report, “Meeting the Cyber Risk Challenge,” reveals another disturbing statistic: Companies are failing to purchase coverage for a cyberattack. Only 19% of respondents claimed they have purchased security and privacy insurance designed to cover exposures associated with information security and privacy issues.
But preparing is about more than just insurance. “Information security is a classic enterprise risk,” said Julie Graham, a FERMA board member. “It is not solely a subject for the domain of the chief information officer or the chief information security officer.”
Indeed, everyone plays a part in keeping a company’s data safe. Now if all companies would just act on that.