Despite another record year for cybercrime and headline-making cyberattacks, recognition of the risk may be waning among corporate leaders, according to Zurich and Advisen’s annual Information Security and Cyberrisk Management survey.
While 85% of risk professionals surveyed in 2016 said executive management views cyberrisk as a significant threat to the organization, only 60% said the same this year. They reported a similar decline among board members, from 83% to 62%.
High-profile attacks, including the crippling spread of WannaCry ransomware in May, demonstrated the widespread vulnerability and potential disruption of operations among businesses worldwide, but only 22% rated business continuity as “high risk.” What’s more, only 53% of respondents knew of any changes to their company’s cybersecurity systems in response to these attacks and just 10% identified business interruption as the primary motivation for purchasing cyber insurance.
Cyber insurance take-up rates also slowed in 2017, after increasing from 35% to 65% between 2011 and 2017.