Do industries feel prepared to deal with a cyberattack?
Beazley, a London-based insurance firm, has published a new report highlighting business perceptions of technology risk.
The report notes how the COVID-19 pandemic forced businesses to adapt their technology infrastructure to new ways of operating. Not only has this led to a greater threat of disruption by competitors, but it has also opened the door to cybercriminals who move quickly to exploit staff, processes, and networks that were suddenly exposed beyond the corporate firewall.
The report divides technology risk into four categories:
- Cyber: IT-based threats affecting anything from national infrastructure to individual customer data, including data leaks and system breaches via hack, ransomware or employee error
- Disruption: failure to innovate or keep pace with new developments, competitor activity, customer demand or market shifts
- Tech: failure to keep up with changing technology developments and opportunities, for example, artificial intelligence (AI), the Internet of Things (IoT) and automation
- Intellectual property: failure to recognise and protect the value of intellectual property assets such as know-how, trademarks, patents or other intangible assets
Cyber threats
Cyber risks are ranked highest within the technology risk category. In the US 38% of leaders rank cyber risk top compared to 29% in the United Kingdom. 55% of US businesses feel very prepared to anticipate and respond to cyber risk vs. 34% in the UK.
Overall, the sectors which feel most exposed to cyber threats include energy and utilities, with 40% of businesses ranking this their top risk, followed by retail and technology, media and telecoms (TMT), both with 38% of companies ranking this risk top.
“All members of the cyber security community, including regulators, network security professionals, cyber insurers, brokers and risk managers, will need to collaborate to raise awareness and be prepared to combat the next global systemic threat,” Bob Wice Head of Underwriting Management, Cyber & Tech.
In the US, almost two-thirds (65%) of retail leaders and over two-thirds (69%) of financial and professional services leaders feel very prepared to anticipate and respond to cyber risk. In the UK, where data privacy regulation has been in place for a shorter period of time, these industries are notably less confident. Less than a third (28%) of financial and professional service leaders and only 32% of retail leaders feel very prepared to manage cyber risk in the UK.
Disruption: Keeping up with demand
Disruption risk, or the failure to innovate and keep pace with new developments, customer demand or market shifts is ranked second in the technology category, with 30% of business leaders identifying it as their key risk.
UK respondents are particularly concerned by the threat that it poses, with 32% ranking it their highest risk factor vs. 28% in the United States. In terms of the ability to anticipate and respond to disruption risk, 41% of businesses overall reported they felt well prepared.
Investing in tech
Tech risks are defined in the report as not adapting to changing technology developments and opportunities. 26% of business leaders in the U.S. and U.K. ranked this their highest risk.
44% of overall businesses report they feel ‘very prepared’ to manage tech risk. This level of resilience likely reflects the fact that successful companies have harnessed a combination of hiring and investment to ensure they manage this threat appropriately.
The intellectual property blind spot
Intellectual property (IP) risks ranked last in the technology risk assessment, with only 11% of business leaders overall ranking this a primary concern.
Given that intangible assets are the predominant source of economic value for many businesses, accounting for 75% of business value globally, the low-risk ranking assigned to IP is a potential blind spot that may require remediation.