//////////////////////////////////////////////////////////////////////////
cybersecurity technology are rising
quickly and far outpacing spending on
cyber insurance.
The global cyber insurance market as
measured by gross written premiums is
forecast to be just under US$8 billion by
2020, compared to a US$124 billion global
cybersecurity market.
Many companies focus their cyber-risk
management strategy on prevention
by investing in technological frontline
cyber-defences. Meanwhile, spending on
other tools and resources for cyber-risk
management, such as cyber insurance or
event response training, remains a fraction
www.intelligentcio.com
of the technology budget. This suggests that
many businesses continue to believe they
can eliminate or manage their cyber-risk
primarily through technology, rather than
through a comprehensive range of planning,
transfer and response measures.
Best practices
Best practice calls not for parity of spending,
but an investment strategy that, reflecting
a company’s unique risk profile and
appetite, leverages the complementary
roles of technology and insurance to deter
cyberattacks where possible and transfer
the risk of those that cannot be prevented.
However, the emphasis on cybersecurity
FEATURE: CYBERSECURITY
spending and technology over other
measures reveals that many businesses have
not yet embraced this truth.
Ownership of cyber governance
Despite cyber-risk being ranked as a
high priority, governance and ownership
of it generally does not align with that
ranking. Those who should be focused on
cybersecurity are not, IT and information
security roles continue to be seen as the
primary owners of cyber-risk management.
Businesses must build cyber-resilience,
approaching cyber-risk as a critical threat
that, with vigilance and application of best
practices, can be managed confidently. n
INTELLIGENTCIO
37