In Aon’s latest Cyber Resilience Report, companies are shown to have made significant strides in strengthening their cyber defenses and achieving greater resilience in the face of escalating cyber threats.
The report reveals key insights gathered from over 2,000 Aon clients worldwide, showcasing a positive global shift in cyber maturity from “basic” to “managed” between 2020 and 2022.
The past four years have been marked by a surge in cyber threats and ransomware attacks, leading to higher insurance premiums and stricter underwriting measures.
This situation drove organisations to adopt increased underwriting rigor, emphasising security controls and guidelines to assess and manage cyber risks more effectively.
Notably, the report indicates a decline in ransomware claims by 32 percent and an overall reduction of cyber insurance claims frequency by 14 percent in 2022. This positive trend is attributed to companies’ focus on improving critical security domains and implementing measures such as access management and multi-factor authentication strategies.
However, the report also highlights an area of concern: third-party risk management. Across all sectors, no organisation reported a “managed” profile for third-party risk. The complexity of supply chain risk and the growing interconnectivity of technology stacks pose challenges in effectively managing third-party exposures.
Experts predict that insurers will increasingly prioritise systemic and correlated risk exposure and impact this year, especially in the wake of recent high-profile data breaches that exposed vulnerabilities in delivery platforms.
The Cyber Resilience Report provides a comprehensive benchmark for leaders to assess their organisation’s risk maturity against peer companies and make informed decisions in managing cyber risks across six featured themes: cyber, operational, supply chain, insider, reputational, and systemic.
Aon stresses that achieving cyber resilience requires a holistic approach that connects proactive risk management, response preparation, and risk transfer mechanisms.
Risk transfer, which extends beyond traditional insurance placement, includes viable options such as captives and alternative capital to provide balance sheet protection.