Can businesses ever be truly prepared for the risks of rapid technological advancement?
Our research is showing that a sense of ‘normalisation’ around cybersecurity risks is taking hold in boardrooms across the globe, and cyber risk is dropping down their risk agenda.
At a time when the economic impacts of cybercrime continue to escalate, cyber criminals splintered by the War in Ukraine are beginning to regroup and the rise of AI tools is generating endless unknown risks, can business leaders afford to let their guard down?
Key findings
27%
Cite cybercrime risk as their top area of concern (down from 34% in 2021).
74%
Feel very or moderately prepared for a cyber-attack down from 80% in 2022.
26%
Rank tech obsolescence and the threat of new tech as their biggest concern.
24%
Rank intellectual property (IP) theft as their primary concern up from just 11% in 2021.
Cyber risk and resilience in decline as business lulled into false sense of security
From the emergence of artificial intelligence (AI) to more sophisticated forms of ransomware, a myriad of cyber risks and challenges are now stacking up in the in-trays of executives responsible for managing these risks.
"Businesses are struggling to keep up with cyber threats. They need to constantly be thinking about what is next and how to mitigate these risks, as bad actors are always looking for new ways to attack."
Paul Bantick, Global Head of Cyber Risks, Beazley
Technology and cyber risks impact firms in equal measure:
Boardroom perception of cyber risk falls sharply from the pandemic years
Ransomware attacks are here to stay, despite a temporary decline after Russia’s invasion of Ukraine – cyber gangs are now regrouping and looking to recoup lost profits.
Smaller businesses with limited cybersecurity resources – often SMEs – serve as a training ground for new cyber criminals to learn their trade as cybercrime gang activity rebounds. Where once cyber hackers took weeks to gain access to a network, now it is often only hours.
Small businesses believe that their cyber risk will fall in the future. This perception seems to rely on SMEs evolving their businesses while cybercriminal’s approaches remain static, Unfortunately, this is not the case. That’s why defence in depth cyber strategy is so important.
New avenues of attack for cyber criminals are emerging. The innovations that AI and machine learning will bring to the global economy are now front of mind for business leaders. However, whilst AI’s transformative potential is undeniable, it brings a new set of cyber challenges, potentially enabling threat actors to operate at a greater scale or offer novice hackers easy access to sophisticated code targeted at specific organisations.
Next Steps
It is incumbent on insurers and brokers, who play a key role in highlighting the threat to businesses and the positive impact of defence in depth security, to ensure firms do not become desensitised to the cyber risk and expose themselves to ever more effective cyber criminals.
The evolution of technology is making more and more businesses feel exposed. Insurers must ensure that they are evolving as partners. That we are supporting businesses as they embrace new innovations, jolting them from their reverie when they believe a clear threat has dissipated and working to create new solutions as risks compound and their potential impact grows.
Small businesses believe that their cyber risk will fall in the future. This perception seems to rely on SMEs evolving their businesses while cybercriminal’s approaches remain static, Unfortunately, this is not the case. That’s why defence in depth cyber strategy is so important.
