Skip to main content
Article | Decode Cyber Brief

Decode Cyber Brief - Summer 2017 Edition

Zarządzanie ryzykiem cybernetycznym
N/A

July 26, 2017

A bi-annual publication featuring the latest trends in managing people, capital and technology risks related to cybersecurity across your enterprise.

Welcome to the Summer 2017 Edition of Decode Cyber Brief. Many developments have occurred in the cyber sphere during the short amount of time since the release of our last edition. Organizations have made headlines over reports of major cyber breaches while large-scale ransomware attacks WannaCry and Not-Petya have caused serious business interruptions at companies of all sizes. With cyber incidents on the rise, we continue to explore what makes organizations vulnerable to a cyberattack and provide solutions on how to mitigate risk across three segments – people risk, capital risk and technology risk.

The recent cyber news underscores the fact that many organizations have yet to implement a cyber-savvy workforce and culture of cybersecurity that promotes training, awareness, responsibility and accountability across their enterprise, all of which are needed to truly combat cyber risk.

Research findings from our Willis Towers Watson 2017 Cyber Risk Surveys indicate that while three-quarters of U.S. companies believe they are highly protected and can adequately respond to threats, employees ranked insufficient understanding (79%) as the biggest barrier to their organization effectively managing its cyber risk. Nearly half of employees (45%) spent 30 minutes or less on cybersecurity training in 2016, and a quarter (25%) received none at all. It is important that each member of an organization, from top to bottom, commits to increasing their cyber IQ and takes steps to protect themselves and the company from cyber threats as part of their job, not a role simply relegated to IT.

Our data revealed two immediate priorities for organizations:

  1. Training for employees and contractors
  2. Reviewing the cyberinsurance gap and adding coverage

The ever-present risk of a myriad of business issues resulting from cyberattacks are steadily fueling international demand for cyber liability insurance. According to our study, more than nine in 10 companies have reviewed or plan to review their existing cyberinsurance, while eight in 10 are looking to enhance coverage. Given the potential catastrophic losses that can accompany a cyber breach, it is no surprise that companies are extensively reviewing their cyberinsurance policies and ensuring that they have all of the proper coverages.

Table of contents


  1. Careful how you code: Cyberterrorism coverage under TRIA and stand-alone cyber policies

    By Jason Krauss

    Jason Krauss offers a comprehensive review of the coverage afforded under the Terrorism Risk Insurance Act of 2002, how to ensure it applies to a cyber liability insurance policy, and why buyers need to carefully examine the policy's war exclusion and definition of cyberterrorism. Read the article

  2. Brace yourselves: Global cyberinsurance demand is coming

    By Dan Twersky, Andrew Ko and Judy Xiang

    Dan Twersky, Andrew Ko and Judy Xiang propose an explanation for the sudden and rapid rise in non-U.S. purchases of cyber liability insurance, and examine China's Cybersecurity Rule which took effect June 1, 2017. Read the article

  3. Driving a cyber-savvy culture to combat cyber threats

    By Patrick Kulesa

    Patrick Kulesa discusses the importance of company culture, how it affects the human element of cyber risk, and the value provided by a cyber risk culture survey when utilized as an analytical tool. Read the article

  4. The importance of boosting your organization's "Cyber IQ"

    By Tracey Malcom and Brian Warszona

    Tracey Malcom and Brian Warszona delve into the value of employee training, including the positive impact it can have on the way underwriters evaluate a cyber liability insurance applicant. Read the article

  5. Navigating the path to recovery after a breach

    By Anthony Rapa

    Anthony Rapa shares a recent case study involving a client that suffered an unauthorized network intrusion by hackers and how Willis Towers Watson helped minimize income loss through robust claims advocacy. Read the article

  6. Cyberinsurance takes specific flight path for airlines

    By Jamie Monck-Mason

    Jamie Monck-Mason takes an in-depth look at the cyber risk issues unique to the aviation industry, the coverage typically provided under cyber and aviation policies, and CyFly: our proprietary solution designed to address many of the inherent coverage gaps. Read the article

  7. Spotlight on revised NY Financial Regulations

    By Ken Dort and Reeya Thakrar of Drinker Biddle

    Ken Dort and Reeya Thakrar of Drinker Biddle provide a summary of the newly enacted New York Department of Financial Services cybersecurity regulations, a first of its kind statute which may very well serve as a model for other state legislators focused on financial institutions. Read the article

Related content tags, list of links Article Decode Cyber Brief Cyber Risk Management United States