Industry is “going insane” with approach to cyber risk

Low security awareness among employees emerges as the biggest vulnerability in securing networks

Industry is “going insane” with approach to cyber risk

Insurance News

By Gabriel Olano

A cyber security report revealed that 61% of surveyed organizations were targeted by ransomware in the past year, and 33% of those affected paid the ransom to recover their data, a victory for the cyber criminals.
 
Meanwhile, 54% of those affected by ransomware were able to recover their data without paying, and 13% refused to pay and subsequently lost their data.
 
Ransomware are malicious programs that infect devices and networks and it either restricts access to data or threatens to publish it without the device owner’s consent, unless a ransom is paid to the ransomware’s creators.

Want the latest insurance industry news first? Sign up for our completely free newsletter service now.
 
The fourth annual Cyberthreat Defence Report by the CyberEdge Group surveyed 1,100 IT decision makers and practitioners from 19 industries in 15 countries scattered across six continents. The study aims to provide a 360-degree view of various industries’ security threats, as well as their current defences and planned investments in cyber security.
 
In line with its previous three incarnations, the survey found that network breaches and cyber attacks in general are on the rise: from 62% in 2014, to 70% in 2015, to 76% in 2016, and now 79% in 2017.
 
Three in four organizations surveyed have rated their level of cyber insurance investment as adequate. Less than 9% of respondents were concerned over insufficient cyber coverage.
 
However, organizations felt that the “human firewall” is still their greatest weakness. When asked what was the biggest problem encountered in securing their employers’ networks, “low security awareness among employees” was the top response for four consecutive years, followed by “lack of skilled personnel” and “too much data to analyse.”
 
“If the definition of insanity is doing the same thing repeatedly and expecting a different result, then perhaps, as an industry, we’re going insane,” said Steve Piper, CEO of CyberEdge Group. “Each year, we invest more in security, yet frequency and severity of data breaches rise … Investing in best-of-breed security defences is always prudent, but to stop the bleeding, we’ve got to invest more in our human firewalls and reducing our network attack surfaces.”

 
Related stories:
Cyber controls dubbed “not fit for purpose”
 

Keep up with the latest news and events

Join our mailing list, it’s free!