A new survey shows that cybersecurity is the biggest worry for companies, especially since few of them feel prepared to handle an attack.
The survey, which was conducted by Microsoft and Marsh, found that when 1,300 senior executives were polled, two-thirds ranked cybersecurity among their organizations’ top five risk management priorities, with 75 percent saying that the business interruption that comes from a hack having the greatest impact on their organizations.
But while companies fear the impact of a cyberattack, only 19 percent are highly confident in their organization’s ability to prevent and respond to a hack. In fact, only 30 percent have developed a plan to respond to a cyberattack.
“Cyber risk is an escalating management priority as the use of technology in business increases and the threat environment gets more complex,” said John Drzik, president Global Risk and Digital, Marsh. “It’s time for organizations to adopt a more comprehensive approach to cyber resilience, which engages the full executive team and spans risk prevention, response, mitigation and transfer.”
Companies aren’t doing much better when it comes to risk quantification: Fewer than 50 percent said their organization estimates financial losses from a potential cyberattack. Of those that do, a mere 11 percent make their estimates in economic terms--a crucial factor in enabling companies to create strategies and make investment decisions such as purchasing cyber insurance.
“While technology is the foundation of any good cybersecurity strategy, companies can benefit from investing in non-technology solutions like risk management as part of a holistic approach,” said Matt Penarczyk, vice president and deputy general counsel, Microsoft. “Through advanced technology, tools and training, for example, companies can better protect the data in their networks and be ready for the business interruptions and reputational risks associated with cyberattacks.”