Business leaders ‘overconfident’ on cyber resilience: Beazley

Latest research carried out by specialty insurer Beazley finds that fewer US and UK business leaders rank cyber as their leading risk in 2022 compared with last year, as geopolitical turmoil pushes broader business and environmental concerns higher.

Beazley’s latest Risk & Resilience report, based on input from more than 2,000 business leaders in the UK, the US, Canada and Singapore, finds that confidence in resilience to the cyber threat remains high, but may be “overoptimistic”.

Cyber remains the leading concern in the technology risk category, with 28% of UK and US respondents listing it as their number one risk in 2022, but this is down 18% from 34% in 2021.

“There is also a worrying degree of complacency around active cyber risk management and maintaining resilience to cyber threats, with over 41% of UK and US business leaders feeling ‘very prepared’ to meet the cyber threat, which although down marginally (5%) on 2021, may yet demonstrate overconfidence,” comments Beazley.

“We are detecting signs that business leaders may have become a little complacent – even overconfident – about the cyber and technology risks faced by their businesses. Perhaps because of the overwhelming challenge that the current geopolitical environment poses today, they may be blinded to the threat that cyber and technology risk may deliver tomorrow,” says Patricia Kocsondy, head of US cyber and technology at Beazley.

The new report shows that year on year, the proportion of business leaders putting intellectual property (IP) risk first has risen dramatically, up 107% in real terms since 2021. Meanwhile, the proportion of businesses putting technology obsolescence top of their list has also risen, with concern increasing more in the US than the UK.

While perceived resilience to cyber and technology risks generally remains relatively high, with 31% of UK firms and 43% of US firms feeling ‘very prepared’ across all four risks within this risk category, resilience perception has dropped across the board, down 9% on average – with IP risk resilience down 12% and disruption risk down 10%, compared with 2021.

“Mid-market clients in particular are struggling with what is being asked of them in terms of funding, budgeting for and repairing technology to keep pace with a range of cyber and technology risks. At Beazley, we are placing a lot more emphasis on questions around how to handle end-of-life software and hardware issues, with many industries now in catchup mode to budget for what their insurers require,” says Bala Larson, head of cyber client experience at Beazley.

End-of-life software is a rising area of risk for businesses, with ageing legacy IT systems a concern, Beazley says.

Risk and insurance managers are more than aware that pricing for cyber insurance is rising and insurers are becoming more selective about which cyber risks they write.

Beazley says insureds need to regard cyber resilience and risk management as much more than a tickbox exercise, as they seek to protect intangible assets and ensure business continuity.

“More companies in the UK have cyber insurance cover since 2021 and perhaps feel more protected, but there is a sense that many view this purchase as a box-ticking exercise, while too many companies still lack basic protections against cyberattacks,” says Aidan Flynn, head of London and international underwriting management, cyber, Beazley.

Back to top button