In the recently released 2023 Travelers Risk Index, The Travelers Companies, Inc. highlighted that for the ninth consecutive year, cyber threats continue to rank among the top three business concerns for a wide spectrum of companies.
The annual survey, which encompassed responses from 1,200 participants representing small, medium, and large-sized enterprises, shed light on the persistent anxiety surrounding cybersecurity in the corporate world.
Medical cost inflation led the pack as the primary concern, with 60% of survey participants expressing worry, closely followed by broad economic uncertainty at 59%.
Notably, 58% of respondents revealed that they are concerned to some extent about cyber threats, positioning it as the third most worrisome issue.
Tim Francis, Enterprise Cyber Lead at Travelers, emphasised the gravity of cyber risks, noting that a single cyberattack can have dire consequences, potentially undermining an organisation’s stability or even causing its demise.
Despite the mounting concerns, he reassured that there are effective measures companies can adopt to address vulnerabilities and successfully navigate through a cyber event.
While many respondents expressed confidence in their company’s cybersecurity practices, concerning gaps were revealed in the survey results. Shockingly, at least a quarter of businesses surveyed had not taken crucial steps such as installing firewalls or virus protection, implementing data backup, and updating passwords.
Additionally, a significant percentage of businesses admitted to not utilising endpoint detection and response (64%), conducting cyber assessments for vendors (57%) or customers’ assets (56%), having an incident response plan (50%), or implementing multifactor authentication for remote access (44%).
Cyberattacks are a sobering reality, with nearly 23% of survey participants disclosing that their company had fallen victim to a cyberattack, with almost half of these incidents (49%) occurring within the past year.
Among the growing cyber threats, phishing scams were of particular concern, with large companies reporting a notable increase in incidents, jumping from 14% to 27% over the past year.
Security breaches, where unauthorised access is gained to a company’s computer systems, remained the most common type of cyber event, accounting for nearly a third (32%) of all attacks.
Intriguingly, ransomware, despite being a leading cause of cyber-related claims in the industry, only ranked ninth among specific cyber worries for businesses.
The survey also unveiled that awareness of cyber-specific risks is on the rise, with 81% of respondents acknowledging the critical importance of having proper cybersecurity controls in place for their company’s well-being. This figure represents a steady increase from 78% the previous year and 69% in 2018.
In response to the findings, Tim Francis urged businesses to recognise that more can still be done to bolster their cybersecurity preparedness.
He emphasised the importance of a well-designed, multi-layered cybersecurity program to mitigate the threat of a cyber event and encouraged organisations to collaborate closely with their independent insurance agents in navigating the evolving cyber landscape.
