Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/26/2016
01:10 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Cyber Risk Among Top Concerns For Business Leaders: Study

More than 50% of business leaders surveyed in the Travelers Risk Index report cyber, computer, and technology risks are among their top concerns.

Cyber risk is a top concern among 54% of enterprise leaders, but only 13% are "very confident" they have the best safeguards to avoid a cyberattack.

This comes from the 2016 Travelers Risk Index, which is conducted each year to learn the biggest worries among American business leaders and consumers. The insurer partnered with Hart Research, which surveyed 1,202 business decision makers across 11 industry sectors.

Among enterprise leaders, the biggest areas of concern include medical cost inflation (59%), rising employee benefit costs (56%), cyber risks and data breaches (54%), legal liability (51%), and attracting and retaining talent (50%).

The overall concern for cyber risk declined since last year, dropping from 58% to 54% of business leaders. Cyber threats remain the top concern among 61% of large businesses, with 23% reporting increases in external data breaches and cyberattacks.

Smaller organizations are less worried. Cyber risk ranked fifth among concerns for small businesses and third among medium-sized organizations. Among small businesses, 89% said they had never experienced a breach.

When asked about specific risks, 49% of business leaders report they worry from "some" to "a great deal" about someone hacking into the corporate system. Computer damage and shutdown came in second place, with 48% of respondents expressing concern.

Other common fears included outsiders gaining access to financial systems (46%), employees putting corporate data at risk through unsafe practices or personal devices (45%), and having the resources to recover from data breaches (42%).

Most organizations are not prepared to handle the damage from cybercrime. The majority (81%) of businesses are not confident in the steps they should take following an attack, and 32% have implemented a response plan to handle a breach.

Enterprise leaders should also note how security breaches have little effect on consumer behavior. The survey discovered nearly 25% of consumers had experienced a breach, but since then, did not take greater security precautions than those who had never been attacked.

When asked to identify emerging areas of risk, business leaders listed the evolution of technology and changing workforce as their biggest worries. Increased connectivity among people and objects, and the growth of automation, will drive risk.

The rise of technology has sparked concern about how businesses will attract and retain talent in the future. Forty-three percent of businesses are worried about retaining employees with valued skills and experience, and 39% worry about finding new qualified workers as more millennials enter the workforce and skill availability continues to change.

Related Content:

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC,  12/5/2019
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "This is the last time we hire Game of Thrones Security"
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19230
PUBLISHED: 2019-12-09
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.
CVE-2013-0342
PUBLISHED: 2019-12-09
The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294.
CVE-2014-0242
PUBLISHED: 2019-12-09
mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.
CVE-2015-3424
PUBLISHED: 2019-12-09
SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter.
CVE-2015-3425
PUBLISHED: 2019-12-09
Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cph_content$_uig_formState parameter.