2018 Cyber and Data Security Risk Survey

Posted in Alerts

Marsh & McLennan Agency surveyed 1,141 executives from small to middle-market organizations across North America, and found that they are clearly concerned about cyber risk – but, by their own admission, they do not have a grasp of how to protect themselves.

Look at these conflicting responses:

On the one hand:

  • Almost 60% said they consider cyber to be one of the top five risks they face, if not the very first (see Figure 1)
  • 78% said they were highly or at least fairly confident that their organization would be able to manage and respond to a cyber-attack.
  • And 82% said they were highly or at least fairly confident that their organization would be able to understand and assess a cyber-attack.

On the other hand:

  • Only 18% said they had developed a cyber incident response plan.
  • 34% said they had conducted a cybersecurity gap assessment.
  • 36% said they had implemented a plan to train employees to recognize phishing emails.
  • And 23% said they had conducted penetration testing of their online defenses.

The disparity is considerable. Executives are clearly worried about cyber risk, but admit they do not understand the range of protective steps available to them. Notably, when senior executives were asked if their organizations carried cyber insurance, more than a third said they did not even know. 

To read the full report and to take a closer look at the survey results, visit our national landing page
https://www.marshmma.com/offerings/business-insurance/cyber-liability