April 25, 2017 by Canadian Underwriter
Global organizations are spending nearly four times more budget on property-related risks than cyber risks, according to a report released on Tuesday by the Ponemon Institute and sponsored by Aon plc.
The 2017 Cyber Risk Transfer Comparison Global Report also found that organizations now believe that their cyber assets are more valuable than plant, property and equipment (PP&E) assets, even though they are spending four times more budget on insurance protecting the latter risks. The global survey was based on a consolidated sampling frame composed of 60,220 individuals in North America, Europe, the Middle East, Africa, Asia Pacific and Latin America. The final sample consisted of 2,168 surveys.
“This unique cyber study found a serious disconnect in risk management,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, a privacy, data protection and information security research firm. “What’s interesting is that the majority of companies cover plant, property and equipment losses, insuring an average of 59 per cent and self-insuring 28 per cent,” Dr. Ponemon said in a press release from Aon. “Cyber is almost the opposite, as companies are insuring an average of 15 per cent and self-insuring 59 per cent.”
While the majority of surveyed respondents found that cyber insurance was “inadequate to meet the needs of their organization, too expensive and has too many exclusions,” 46% reported a data breach in the last two years, with an average financial impact of US$3.6 million. Based on data breaches and security exploits experienced by the surveyed organizations, the greatest threats are business process failures that caused disruption to business operations as well as cyberattacks that caused disruption to both business and IT operations, Aon said in the release. Looking ahead, 65% of organizations expect their cyber risk exposure to increase in the next two years.
“This study compared the relative insurance protection of certain tangible versus intangible assets,” added Kevin Kalinich, cyber/network global practice leader with Aon Risk Solutions. “We have found that most organizations spend multiples more premium for fire insurance, for example, than for cyber insurance, even though they state in their publicly disclosed documents that a majority of the organization’s value is attributed to intangible assets.”
Other findings included: