A new study from Aon and the Ponemon Institute has revealed that the global average cost of a cyber attack sits at US$3.6 million but businesses are not doing enough to protect their assets.
The new study found that organisations now believe their cyber assets are more valuable than plant, property, and equipment assets even though they are spending a budget four times greater than the insurance protecting more traditional risk.
Dr Larry Ponemon, founder and chairman of the Ponemon Institute, said that the findings show a “serious disconnect in risk management”.
“What’s interesting is that the majority of companies cover plant, property and equipment losses, insuring an average of 59% and self-insuring 28%. Cyber is almost the opposite, as companies are insuring an average of 15% and self-insuring 59%,” Ponemon said.
The survey found that the majority of respondents felt that cyber insurance is inadequate to meet the needs of their business, is too expensive and has too many exclusions.
These findings show that the industry still has work to do on cyber as 65% of respondents expect their cyber risk exposure to increase over the next two years.
Despite the awareness of cyber insurance and the benefits it offers a business, only 14% of respondents to the global survey said that their company will purchase cover over the next 12 months. Thirty-six percent blamed expensive premiums for their lack of interest with inadequate coverage based on exposure pulling in the same number of respondents.
“We have found that most organisations spend multiples more premium for fire insurance, for example, than for cyber insurance, even though they state in their publicly disclosed documents that a majority of the organisation’s value is attributed to intangible assets,” Kevin Kalinich, cyber/network global practice leader, Aon Risk Solutions said.
Keeping up with cyber criminals
Pressure on insurance workers as terrorism rises
There is a “serious disconnect” in risk management on cyber, new research has found.