Fifty-one per cent of Australian companies are lacking the agility, budget and skill to mitigate known vulnerabilities and successfully address cyber security, accoring to a study by Ernst & Young.
The survey, Global Information and Security Survey (GISS), outlines that 80% of companies believe they face an increased cyber threat. For the first time in 17 years, the survey reveals that the biggest threat is posed by external forces such as ‘hacktavists’ and criminal syndicates.
Ernst & Young’s Oceania Information Security Leader, Mike Trovato, warned Australian companies that they face an increased threat from more sophisticated sources.
“We are living in a cyber ecosystem where threats are coming from more and more resourceful and well-funded sources.
“Today it is too easy to blame business or government neglect, the media, computer users or IT systems developers, and operators for the epidemic of cyber crime. Nor can we just say those that have fallen victim are just the unlucky, that this will maybe happen to us all.
“The genie is out of the bottle – and we can’t put it back, we all have to learn to adapt or perish.”
In a similar survey conducted in the US, it was found that 40% of companies don’t think they need cyber coverage while 29% believe that cyber coverage is already provided under their existing policies.
The survey of insurance professionals found that only 12% of businesses say the biggest challenge of cyber coverage is the price while most insurers surveyed are expecting to sell 5% or more cyber coverage over the coming 12 months.
Shawn Dougherty, Assistant Vice President of Specialty Commercial Lines at ISO – who sponsored the survey – warned companies not to get complacent with their coverage.
“Even though data breaches are in the news every week, many companies still don’t recognise that cyber attacks are serious, and that the costs associated with responding to one can be significant and generally not covered under current commercial insurance policies.”
“That’s why insurers and brokers are working hard to educate businesses and make it easy for them to add cyber coverage to their existing insurance portfolio.”
