Convinced a cyber attack is looming, many firm still don't prepare

Register now

Many organizations think experiencing a security cyber attack is inevitable, but a majority are not taking adequate steps to protect themselves, according to a report from insurance firm The Travelers Companies Inc.

The firm commissioned Hart Research to conduct a national online survey of 1,201 business decision makers in June 2018, and found more than half (52 percent) of respondents think suffering an attack is inevitable.

Despite this, 55 percent have not completed a cyber risk assessment for their businesses; 62 percent have not developed a business continuity plan; 63 percent haven’t completed a cyber risk assessment on vendors who have access to their data; and 50 percent do not purchase cyber insurance.

“Cyber risks carry serious consequences for any business, threatening everything from revenue to operations,” said Tim Francis, enterprise cyber lead at Travelers. “These findings reveal some surprising things about how companies view their cyber exposures, their relative confidence in dealing with them and the clear opportunity that exists for them to be better prepared for a cyber attack.”

The percentage of respondents who think the current business environment is more risky continues to decrease, according to the report. In 2018 it was 36 percent, compared with 41 percent in 2016 and 48 percent in 2014. Overall, the concern about cyber security risk is second only to medical cost inflation. But it’s the top concern of large businesses and in sectors such as technology, banking and professional services.

For reprint and licensing requests for this article, click here.