Lloyd's finding may be somehow inquieting considering that these days almost every business, regardless of size or location, relies on digital technology. While it helps companies become more efficient, reduces their costs and opens up new markets, it also makes them more vulnerable to cyber-attacks, says LLOYD's, also stressing out that "adding additional urgency is the fact that, in 2018, the European Union is introducing the General Data Protection Regulation (GDPR), which will set rigorous requirements for any businesses that deal with European consumers' data."
In fact, the survey has revealed that 97% of the top managers who have been interviewed during the survey have heard of the GDPR but only 7% said they know "a great deal" about it; 57% said they know "little" or "nothing" about the new regulations, despite the serious financial and legal consequences of not complying with its rules.
How cyber insurance can help, in LLOYD's view:
- According to this survey, 73% of business leaders have a limited knowledge of cyber insurance and 50% don't know that cyber cover for data breaches is available.
- Cyber insurance not only provides a financial pay-out after a cyber-attack, but also offers expert consultancy to improve security and on-the-ground support during the crisis period
- Working with underwriters who understand this risk from the beginning will benefit a company's security strategy. Underwriters can help businesses identify risks and vulnerabilities, and can therefore mitigate the likelihood of a breach happening in the first place
- All these help protect company balance sheets, as well as drives up cyber security and risk mitigation standards across the industry.
The LLOYD's study concludes: "Cyber is the most complex, current and critical risk businesses face today: it is a matter of when not if a business becomes a victim of a cyber breach or attack." Cyber incidents have the potential to cause business interruption, financial penalties, regulatory scrutiny and reputational damage. "All of these are serious threats to a business's revenue, share price or even survival. The results of this survey show that while many businesses appear confident about their level of readiness for the GDPR, their understanding of its implications is low and recent examples of data breaches suggest companies are not as prepared for cyber-attacks as they think they are."