Insurance CEOs may need to go back to basics to ensure their cyber investments are protecting against the right risks in the right way.
Insurers confidently deal with massive risks every day. But when it comes to their cyber security, they are not so confident. According to a recent survey of more than 100 insurance CEOs, less than one-in-five believes their organisation is fully prepared for a cyber-event. And 42 percent think cyber security is their most pressing risk, far outweighing their concerns about other key risk areas such as regulatory risk.
Clearly, cyber security is at the very top of the executive agenda. And our data suggests that CEOs plan to devote significant investment towards improving their cyber security stance over the next few years.
While this is certainly encouraging news – more investment is urgently needed – our experience working with large insurance organisations suggests that CEOs may need to take pause to rethink their cyber security program if they hope to achieve real results from their investments.