A Wells Fargo study released Wednesday found that big businesses worry more about data loss than about hackers breaching their security.
Wells Fargo’s insurance branch conducted the study, which surveyed 100 companies. The survey found that 47% of companies making more than $100 million in revenue were worried about data loss in 2016, while only 26% were overly concerned about hackers gaining access to their data. Another 26% were worried about security breaches that didn’t involve outside hacking.
Employee misuse of technology was also a concern among companies – although not as big a concern as it should have been, according to Wells Fargo Insurance’s Dena Cusick.
“It’s surprising that businesses are not more concerned with employee misuse of technology —what I like to call the human factor,” Cusick said in a statement. “Cyber risk management is first and foremost about education. Informing and regularly training employees on security protocols and incident response plans is critical for businesses today.”
But 15% of the companies Wells Fargo surveyed don’t require any employee training on cyber security, according to the report.
Wells Fargo also warned in the report that imposter fraud is becoming a bigger problem for companies. In this fraud, a phishing scammer gains access to a company executive’s email account and requests that money be sent to a bank account. Wells Fargo reported that one in five large companies had been targeted by imposter fraud. Despite the growing prevalence of this kind of fraud, the survey found that only 38% of companies had added imposter coverage to their insurance policies.
“Coverage for this type of claim is complicated as most crime policies require either direct theft by an employee or someone without authority initiating a fraudulent payment,” the report stated. “In a case of impostor fraud, neither of these circumstances applies. The individuals sending payments are fully authorized to do so within the scope of their employment; they simply send it to an impostor. In order to obtain coverage for this exposure, the standard crime policy must have an affirmative coverage grant added by endorsement.”
On the upside, cyber security policies are getting easier to find, the survey found. In last year’s survey, 47% of companies said they had a hard time finding the right cyber security policy for their needs. This year, that number was down to 43%.