70% of business report hacking scare, incident in last year: HSB

By Chad Hemenway on June 4, 2015

Nearly 70 percent of businesses experienced at least one hacking scare or incident in the past year, with 32 percent suffering more than 5 incidents, according to a study of business risk managers released by The Hartford Steam Boiler Inspection and Insurance Company, part of Munich Re.

THSB found that 36 percent of businesses surveyed do not have any level of cyber insurance coverage, but 46 percent say their business has either purchased cyber insurance for the first time or increased its level of coverage in the last year.

Nevertheless, more than half (55 percent) don’t believe their company is dedicating enough money or trained and experienced personnel to combat the latest hacking techniques.

“Hackers have evolved and so have their methods of attack,” said Eric Cernak, Cyber Practice leader for Munich Re. “Businesses are on high alert, but they can do a lot better. Simply reacting to new threats is not enough. Businesses of all sizes need to anticipate hacking trends and deploy the resources necessary to protect their private or sensitive information.”

Of the risk managers polled by HSB, 63 percent represented large enterprises, followed by 30 percent at mid-sized organizations and seven percent at small businesses. HSB conducted a poll at the annual RIMS conference in New Orleans in April. More than 100 risk managers participated through in-person interviews, and represented small (1-99 employees), mid- (100-999 employees) and large-sized (1,000+ employees) businesses in the following industries: manufacturing/industrial; retail; financial services; government/military; medical/healthcare; and education.

The survey revealed a notable exposure and concern with the use of cloud technology. Loss of confidentiality of information is viewed as the biggest risk (76 percent), followed by service interruption (16 percent) and government intrusion (5 percent).

Concerns about the type of information being breached ranged from personally identifiable information (53 percent) to sensitive corporate information (33 percent) to financial information (14 percent).

When asked about the type of risk management services they would be most interested in deploying to combat cyber risk, risk managers point to intrusion detection/penetration testing (32 percent), employee education programs (25 percent) and encryption (25 percent).

Source: Hartford Steam Boiler

 

Chad Hemenway is Managing Editor of Advisen News. He has more than 15 years of journalist experience at a variety of online, daily, and weekly publications. He has covered P&C insurance news since 2007, and he has experience writing about all P&C lines as well as regulation and litigation. Chad won a Jesse H. Neal Award for Best Single Article in 2014 for his coverage of the insurance implications of traumatic brain injuries and Best News Coverage in 2013 for coverage of Superstorm Sandy. Contact Chad at 212.897.4824 or [email protected].