Article

Decode Cyber Brief - Summer 2017 Edition

July 26, 2017
| United Kingdom, United States, Canada
Welcome to the Summer 2017 Edition of Decode Cyber Brief. Many developments have occurred in the cyber sphere during the short amount of time since the release of our last edition. Organizations have made headlines over reports of major cyber breaches while large-scale ransomware attacks WannaCry and Not-Petya have caused serious business interruptions at companies of all sizes. With cyber incidents on the rise, we continue to explore what makes organizations vulnerable to a cyberattack and provide solutions on how to mitigate risk across three segments – people risk, capital risk and technology risk

The recent cyber news underscores the fact that many organizations have yet to implement a cyber-savvy workforce and culture of cybersecurity that promotes training, awareness, responsibility and accountability across their enterprise, all of which are needed to truly combat cyber risk.

Research findings from our Willis Towers Watson 2017 Cyber Risk Surveys indicate that while three-quarters of U.S. companies believe they are highly protected and can adequately respond to threats, employees ranked insufficient understanding (79%) as the biggest barrier to their organization effectively managing its cyber risk. Nearly half of employees (45%) spent 30 minutes or less on cybersecurity training in 2016, and a quarter (25%) received none at all. It is important that each member of an organization, from top to bottom, commits to increasing their cyber IQ and takes steps to protect themselves and the company from cyber threats as part of their job, not a role simply relegated to IT.

Our data revealed two immediate priorities for organizations:

  1. Training for employees and contractors
  2. Reviewing the cyberinsurance gap and adding coverage

The ever-present risk of a myriad of business issues resulting from cyberattacks are steadily fueling international demand for cyber liability insurance. According to our study, more than nine in 10 companies have reviewed or plan to review their existing cyberinsurance, while eight in 10 are looking to enhance coverage. Given the potential catastrophic losses that can accompany a cyber breach, it is no surprise that companies are extensively reviewing their cyberinsurance policies and ensuring that they have all of the proper coverages.

Table of contents