A recent survey of risk managers—those charged with identifying, evaluating, and selecting the best techniques to mitigate risk—by Nationwide Insurance revealed that cybersecurity takes up a substantial portion of their budgets. 68% expect these budgets will continue to grow in the coming years.
Nationwide’s previous studies have revealed that consumers as well as small to mid-sized businesses have begun to take cyber threats very seriously,” said Tim Nunziata, Vice President of Cyber Risk for Nationwide Excess and Surplus/Specialty. “Large businesses have always been a target to cyber attacks and that’s why many already have teams in place to protect them. As the threats become more frequent and sophisticated, risk managers know they must remain vigilant.”
War with Ukraine Increased Cyber Risks
Respondents believe there is a greater risk of their company experiencing a cyber attack since the beginning of the war in Ukraine (57%). 90% say they are concerned about their company falling victim to a cyber attack and risk in loss of sensitive information, information security, and operational risks. But they are preparing, 91% have an incident response plan in the event of a cyber attack.
Of those who took part in Nationwide’s survey, 68% report their company has been the victim of an attack in the last three years. That’s including almost 1 in 4 (24%) in the past year. 88% say that they’ve experienced a type of cyber attack at some point in their company’s history.
Cyber Attacks Are Costly, and Recovery Takes Time
Of those who experienced an attack nearly 7 in 10 (68%) report their business operations were impacted. And three-quarters (75%) reported a significant or moderate financial impact within that.
71% said recovery from the attacks occurred took longer than one month. Plus, more than a third (35%) reported the process taking longer than four months.
Deepfakes on the Horizon
Risk managers are on the lookout for common attacks but there’s a new threat to keep an eye on. The cyberattack of the future? Deepfakes — a type of artificial intelligence used to create convincing images, including audio and video hoaxes, often with malicious intent.
Despite an increase in companies falling prey to deepfake attacks and even warnings from the FBI, it’s not high on the list of concerns for risk managers. Only 6% of those surveyed say social engineering, impersonation, or other tactics to manipulate employees is their biggest concern.
Cyber Insurance is Key
Companies are turning to insurance experts for help. 83% report they are renewing their current cyber policy. 94% of those who did renew that policy said their broker or agent played an important role during the renewal process. Half (53%) of risk managers report their coverage has changed in the past two years, with most reporting that they’ve increased their coverage.
“Agents and brokers can help clarify the threat landscape, including what is out there and what cyber trends they are seeing,” said Nunziata. “Where they really provide value is making sure a business has the coverage they need to protect and mitigate issues.”
For additional information on cyber security, check out Why Do Insurers Need to Think Like Cybercriminals?