Information assets underinsured from cyber attack, Aon/Ponemon study says

By Cate Chapman on May 11, 2015

Companies are only insuring 12 percent of global information assets from the risk of cyber attack, compared with 51 percent of tangible property, according to a global study by Aon and Ponemon Institute.

The survey of more than 2,200 companies in almost 40 countries, looked at how companies qualify and quantify the financial risk to their tangible and intangible assets in the event of a network privacy or security incident.

Coverage of information assets is low in spite of the fact that companies, on average, valued information assets almost as highly as plants, property and equipment. Meanwhile, the use of internet-connected devices is projected to grow from 10 to 50 billion in five years, the study said, citing Cisco, potentially boosting the amount of these assets exposed to attack.

“The explosion of cloud computing, mobile devices, big data analytics and the Internet of Things is creating enterprise risk management issues that are rapidly growing with the increased use of information assets and technology,” said Kevin Kalinich, global practice leader for cyber/network risk at Aon Risk Solutions.

Findings of the survey include:

  • Nineteen percent of respondents say their company has cyber insurance coverage.
  • Fifty-two percent of respondents believe their companies’ exposure to cyber risk will increase over the next two years.
  • Thirty-seven percent of companies surveyed experienced a material or significantly disruptive security exploit or data breach one or more times during the past two years and the average economic impact of the event was $2.1 million.
  • Fifty percent of respondents say their company would disclose the loss of property, plant and equipment in its financial statements. However, 34 percent of respondents say information asset losses do not require disclosure.

“It’s clear that there is a risk and losses can be anticipated, but organizations are not insuring against the risk,” said Larry Ponemon, chairman and founder of the Ponemon Institute, a research firm on privacy, data protection and information security.

Cate Chapman

cchapman@advisen.com'

RELATED POSTS

Zurich’s 12th Annual Information Security and Cyber Risk Management Survey

Executive Interview: Trend Micro’s Eric Skinner

Russell Announces New Loss Data License with Zywave

Winter weather scenarios should be part of business resiliency plans: CNA risk expert