Content, Content

Cybersecurity Concerns Rise, More Businesses Brace for a Cyberattack, Travelers Research Finds

Share
Communication network above Earth for global business and finance digital exchange. Internet of things (IoT), blockchain, smart connected cities, futuristic technology concept. Satellite view.

For the third time in four years, cyber threats were the top overall concern for business decision makers, according to a survey from Travelers Companies Inc. and conducted by Hart Research Associates.

Travelers, a provider of home, auto and business insurance products, surveyed 1,200 individuals for its 2022 Travelers Risk Index. Of those surveyed, 57% of whom said that today’s business environment is riskier compared to a year ago and believe a future cyberattack on their company or organization is inevitable.

While cyber threats (59%) again were the leading concern, Travelers reports other major fears of businesses in 2022 include:

  • Broad economic uncertainty (57%)
  • Fluctuations in oil and energy costs (56%),
  • The ability to attract and retain talent (56%)
  • Medical cost inflation (55%)

Travelers notes big jumps this year around concerns in oil and energy costs (a 16-point increase, up from 40%,) and supply chain risks (54%, up from 43%).

A Deeper Dive Into The Survey

Overconfidence in navigating the evolving cyber landscape is causing a false sense of security, Travelers asserts. In fact, 93% of respondents said that they were confident their company had implemented best practices to prevent or mitigate a cyber event.

When asked whether their company had taken specific prevention measures, the majority had not. Travelers reports that 64% of respondents said they do not use endpoint detection and response (EDR) measures. Also, 59% have not conducted a cyber assessment for vendors, and 53% don’t have an incident response plan.

Additionally, multifactor authentication (MFA) has been slow to catch on, as 90% of respondents said they were familiar with MFA but only 52% said their company had implemented the practice for remote access.

Tim Francis, Enterprise Cyber lead at Travelers, added context to the survey results:

“Cyberattacks can shut down a company for a long period of time or even put it out of business, and it’s imperative that companies have a plan in place to mitigate any associated operational and financial disruptions. Effective measures that have proven to reduce the risk of becoming a cyber victim are available, but based on these survey results, not enough companies are taking action. It’s never too late, and these steps can help businesses avoid a devastating cyber event.”

Security Breach, Hacking Cause Most Concern

Other cybersecurity related findings include:

  • Suffering a security breach or someone hacking into a business computer system remain top concerns, as 57% said they worry about it “some or a great deal.” Meanwhile, 55% said a system glitch causing the company’s computers to go down was a top concern. Also, becoming a cyber extortion/ransomware victim moved from eighth position to third this year at 54%.
  • For the seventh consecutive year, there was an increase in the percentage of survey participants who said their company had suffered a data breach or cyber event. This year, 26% said their company had been a cyber victim, with 49% reporting that the event had happened within the past 12 months.
  • Of those who said their company had suffered a data breach or cyber event, 71% have been a victim more than once.
  • Nearly 75% of respondents said they believe having a cyber insurance policy is critical. However, only 59% said their company had a policy, up only 3 points from 2021. Small businesses accounted for the largest increase of cyber policy purchasers, up from 30%, to 38% this year.

Francis offered warning against not being prepared for a cyber incident:

“Multiple cyberattacks might not be random. If you were vulnerable before and don’t take appropriate action as a result, you continue to be at risk. It’s important to take the prospect of a cyberattack seriously and to put your company in position to successfully manage a likely event.”

Jim Masters

Jim Masters is Managing Editor of MSSP Alert, and holds a B.A. degree in Journalism from Northern Illinois University. His career has spanned governmental and investigative reporting for daily newspapers in the Northwest Indiana Region and 16 years in a global internal communications role for a Fortune 500 professional services company. Additionally, he is co-owner of the Lake County Corn Dogs minor league baseball franchise, located in Crown Point, Indiana. In his spare time, he enjoys writing and recording his own music, oil painting, biking, volleyball, golf and cheering on the Corn Dogs.