This resource is no longer available
Many UK firms are failing to adequately assess their customers and trading partners for cyber risk, and are more vulnerable to cyber attacks themselves as a result.
Marsh’s Cyber Risk Survey Report revealed that nearly 70% of respondents from large and medium-sized corporations across the UK do not assess the suppliers and/or customers they trade with for cyber risk.
More than half of respondents stated that their organisation has not been asked to demonstrate a competent standard of their IT security practices to their bank and/or customers, in order to do business with them.
Board-level ownership of cyber risk remains comparatively low – IT departments continue to take primary responsibility for cyber risk in the majority of organisations, while the board takes primary responsibility for cyber risks in less than one-fifth of the organisations surveyed.
While the majority of firms surveyed have or are seeking to buy cyber insurance in the next 12 months, only 11% currently have policies in place.
The report’s findings are based on research among risk managers and chief financial officers from more than 100 large and medium-sized UK firms, including financial services, manufacturing, retail, healthcare and energy/utility companies.