Why cybersecurity is a top priority for business leaders
Cybercrime is on the rise and so is the risk it poses to businesses.
A recent report estimates that by 2025, cyberattacks will cost global
businesses around $10.5 trillion annually; by 2031, companies are likely to be
hit with a new attack every two seconds. While threats are exponentially
growing in scope and sophistication, there’s hope: Zurich North America
cyber risk specialists are developing innovative services and products to help leaders meet the moment with equally sophisticated methods to defend
against and recover from attacks.
“As a society, we’ve adopted digital technology to enhance our quality of life. Similarly, organizations are adopting it at a rapid pace,” says Michelle Chia,
Head of Professional Liability and Cyber at Zurich North America. “There are a host of benefits to this, but they’re balanced bypotential vulnerabilities. And with digital technology, we’re all connected—which means that in some cases, we’re only as strong as our weakest link.”
Building a resilient business
As cyber exposures shift and the market fluctuates, it’s important for leaders not to focus on the unpredictable. Instead, take steps to strengthen the parts of your organization that you can control.
How companies are building resilience
of companies have adopted enhanced employee training.
conduct cybersecurity assessments and audits to identify security gaps and vulnerabilities.
have partnered with outside partners to bolster their cybersecurity postures.
have dedicated risk mitigation personnel that work with IT to monitor threats.
have prepared incident response plans, and nearly 60% test such plans regularly.
When organizations take a collaborative, proactive approach to threat management, they can truly make a difference in preventing and mitigating cyber losses.
Source: The 12th annual Information Security and Cyber Risk Management survey from Zurich and Advisen, a Zywave company
62%
58%
64%
60%
81%
Mitigating risk with cyber insurance
Cyber insurance is another powerful tool that can greatly protect companies against information and network security risks and help mitigate financial loss after an attack.
In a world of intensifying threats, Zurich’s Cyber Insurance products and Risk Engineering services can help protect your networks, data, and reputation—and ensure you’re prepared for future attacks. Middle-market businesses and companies with resource gaps can particularly benefit from Zurich’s new middle market cyber package, which includes pre- and post-event cyber services from leading vendors with whom Zurich has long-standing, trusted relationships.
54%
70%
Of the
that reported a claim to their cyber insurance carrier,
more than
recouped costs.
Source: The 12th annual Information Security and Cyber Risk Management survey from Zurich and Advisen,
a Zywave company
—Michelle Chia, Head of Professional Liability and Cyber,
Zurich North America
Developing good response plans and capabilities is a never-ending journey—
it must continue to adapt as often as the organization changes its technology and business practices. The Zurich Resilience Solutions team helps to ensure the leadership team is prepared for a cyber incident.”
Resources for middle market companies provided by Zurich Cyber Insurance Policy – Concierge Suite
Source: Zurich North America
Triage when network security is threatened or under attack
Incident-response teams to identify attackers and contain the impact
Support in restoring and recovering critical operations
Assistance with data breach notification obligations and crafting an appropriate response
The importance of being prepared
The consequences of being unprepared for a cyber event can be long-lasting and costly— in terms of dollars, reputational damage, and loss of customer confidence. “Trust is hard to repair once broken, especially for financial institutions,” Chia notes. But banks and larger corporations aren’t the only ones at risk: 60% of small businesses go out of business within six months of a cyber event.
Identify critical assets like data, digital systems, and network connections.
Assess potential vulnerabilities to your critical assets and in your existing safeguards.
Create protective security procedures to reduce the likelihood and impact of a breach.
Adopt event response policies and recovery plans that support business continuity after various cyber incidents.
No matter what product or service you provide, businesses big and small can benefit from increased cybersecurity resilience in today’s digital world. Even if you have established programs and policies, there’s always room for improvement—and the experts at Zurich are here to help.
To determine how prepared you are against cyberattacks, check out our cybersecurity quiz.
Want to audit your current cyber resilience? Check out our
cybersecurity checklist.
For more insights about building a robust cybersecurity program and how to identify, understand, and protect against cyber risks to your organization, visit www.zurichna.com/insurance/cyber.
As of 2022,
86
of companies have a cyber insurance policy
(a 3% increase from 2021).
Source: The 12th annual Information Security and Cyber Risk Management survey from Zurich and Advisen,
a Zywave company
%
52%
More than
said their cyber insurance policies provide value and meet their organizational needs
while
61%
said their coverage meets some needs, but not all.
Source: The 12th annual Information Security and Cyber Risk Management survey from Zurich and Advisen,
a Zywave company
According to survey participants, the five most important coverage areas are
1. Data breaches
2. Extortion and ransomware
3. Data restoration
4. Business interruption
5. System failure coverage
Source: The 12th annual Information Security and Cyber Risk Management survey from Zurich and Advisen,
a Zywave company
Source: The 12th annual Information Security and Cyber Risk Management survey from Zurich and Advisen,
a Zywave company
—Michelle Chia, Head of Professional Liability and Cyber, Zurich North America
Triage when network security is threatened or under attack
Incident-response teams to identify attackers and contain the impact
Support in restoring and recovering critical operations
Assistance with data breach notification obligations and crafting an appropriate response
This content was compiled from sources believed to be reliable for informational purposes only. All sample policies and procedures herein should serve as a guideline, which you can use to create your own policies and procedures. Zurich North America (“Zurich”) does not guarantee any results and further assumes no liability in connection with this content and sample policies and procedures. The subject matter is not tied to any specific insurance product nor will adopting these policies and procedures ensure coverage under any insurance policy. Nothing herein should be construed as a solicitation, offer, advice, recommendation, or any other service with regard to any type of insurance product underwritten by individual member companies of Zurich in North America, including Zurich American Insurance Company, 1299 Zurich Way, Schaumburg, IL 60196. In the United States, risk engineering and risk management services are provided by The Zurich Services Corporation.
This content was compiled from sources believed to be reliable for informational purposes only. All sample policies and procedures herein should serve as a guideline, which you can use to create your own policies and procedures. Zurich North America (“Zurich”) does not guarantee any results and further assumes no liability in connection with this content and sample policies and procedures. The subject matter is not tied to any specific insurance product nor will adopting these policies and procedures ensure coverage under any insurance policy. Nothing herein should be construed as a solicitation, offer, advice, recommendation, or any other service with regard to any type of insurance product underwritten by individual member companies of Zurich in North America, including Zurich American Insurance Company, 1299 Zurich Way, Schaumburg, IL 60196. In the United States, risk engineering and risk management services are provided by The Zurich Services Corporation.
A recent report estimates that by 2025, cyberattacks will cost global businesses around $10.5 trillion annually; by 2031, companies are likely to be hit with a new attack every two seconds. While threats are exponentially growing in scope and sophistication, there’s hope:
Zurich North America cyber risk specialists are developing innovative services and products to help leaders meet the moment with equally sophisticated methods to defend against and recover from attacks.
“As a society, we’ve adopted digital technology to enhance our quality of life. Similarly, organizations
are adopting it at a rapid pace,” says Michelle Chia,
Head of Professional Liability and Cyber at Zurich
North America. “There are a host of benefits to this,
but they’re balanced by potential vulnerabilities. And
with digital technology, we’re all connected—which means that in some cases, we’re only as strong as our weakest link.”