December 2, 2022
90% of Risk Managers at Least Moderately Concerned about Cyber Attacks
A recent survey of risk managers—those charged with identifying, evaluating, and selecting the best techniques to mitigate risk—by Nationwide Insurance revealed that cybersecurity takes up a substantial portion of their budgets. 68% expect these budgets will continue to grow in the coming years.
Nationwide’s previous studies have revealed that consumers as well as small to mid-sized businesses have begun to take cyber threats very seriously,” said Tim Nunziata, Vice President of Cyber Risk for Nationwide Excess and Surplus/Specialty. “Large businesses have always been a target and that’s why many already have teams in place to protect them. As the threats become more frequent and sophisticated, risk managers know they must remain vigilant.”
War with Ukraine Increased Cyber Risks
Respondents believe there is a greater risk of their company experiencing a cyberattack since the beginning of the war in Ukraine (57%). 90% say they are concerned about their company falling victim to a cyberattack. But they are preparing, 91% have an incident response plan in the event of a cyberattack.
68% of those who took part in Nationwide’s survey report their company has been the victim of an attack in the last three years, including almost 1 in 4 (24%) in the past year. 88% say that they’ve experienced an attack at some point in their company’s history.
Attacks Are Costly, and Recovery Takes Time
Of those who experienced an attack nearly 7 in 10 (68%) report their business operations were impacted and three-quarters (75%) reported a significant or moderate financial impact.
71% said recovery from the attack took longer than one month, and more than a third (35%) reported the process taking longer than four months. They view data breaches (24%), ransomware (13%) and business interruption (11%) as the top cybersecurity threats.
Deepfakes on the Horizon
Risk managers are on the lookout for common attacks but there’s a new threat to keep an eye on. The cyberattack of the future? Deepfakes — a type of artificial intelligence used to create convincing images, including audio and video hoaxes, often with malicious intent. Despite an increase in companies falling prey to deepfake attacks and even warnings from the FBI, it’s not high on the list of concerns for risk managers. Only 6% of those surveyed say social engineering, impersonation, or other tactics to manipulate employees is their biggest concern.
Cyber Insurance is Key
Companies are turning to insurance experts for help. 83% report they are renewing their current cyber policy. 94% of those who did renew that policy said their broker or agent played an important role during the renewal process. Half (53%) of risk managers report their coverage has changed in the past two years, with most reporting that they’ve increased their coverage.
“Agents and brokers can help clarify the threat landscape, including what is out there and what cyber trends they are seeing,” said Nunziata. “Where they really provide value is making sure a business has the coverage they need to protect and mitigate issues.”