A recent report by Marsh shows an increase in awareness since last year, but only a third of respondants are insured against cyber

Hack, cyber

According to research by Marsh, many UK firms are still failing to estimate the financial impact of a cyber-attack or assess their suppliers and customers for cyber risk.

In its UK Cyber Risk Survey Report 2016, Marsh found that board-level ownership of cyber risk among the UK businesses surveyed has increased from 19% in 2015 to 30% this year, and that levels of understanding have also increased since last year, with 83% of respondents saying they have a basic or complete understanding of their company’s cyber exposure, compared to a previous 61%.

According to the report, 29% of respondents have bought or are in the process of buying cyber insurance cover, while an additional 26% are currently engaging with the insurance market and are seeking quotations for cyber insurance.

In addition to this, levels of cyber risk assessment when it comes to supply chains remain low, with only 26% of respondents showing confidence on this aspect. Furthermore, just 35% of respondents’ organisations have been asked to demonstrate a competent standard of IT security practices by their bank and/or customers in order to do business with them.

Marsh UK & Ireland chief executive Mark Weil said: “This increase in board-level ownership and control suggests that the recent series of high-profile cyber incidents has resulted in UK organisations recognising that cyber threats are serious. We also welcome the growing take-up of cyber insurance as a way for boards to verify in the risk market that their security measures are effective. The gaps in assessing supplier risk and quantifying the scale of cyber threat suggest that there is still plenty to do.”