"Survey Evidences Leaders Lack Confidence in Cyber-Risk Management"

Security researchers at Marsh have discovered that leaders of cybersecurity, IT, risk management, insurance, and finance companies are losing confidence in the ability of their organizations to ward off ransomware attacks.  The researchers surveyed more than 660 cyber-risk decision-makers.  In 2019, 19.7% of those surveyed said they were highly confident in their capacity to manage cyber-risk compared to 19% in 2022.  The researchers noted that this demonstrates that leaders' perspectives have changed little over the course of three years.  Less than half of those surveyed (43%) stated that their organization has conducted a risk assessment of vendors and supply chains.  The researchers noted that this finding indicates that companies are falling behind in their cybersecurity strategies when it comes to assessing the threats faced by vendors and supply chains during a time when attacks are on the rise.  In 2019, a mere three in 10 survey participants (30%) stated that their company used quantitative methods to measure exposure to cyber risk.  This figure increased to just four in 10 respondents in 2022 (38%).  The use of quantitative methods in assessing cyber risk is critical as it helps determine volatility.

Infosecurity reports: "Survey Evidences Leaders Lack Confidence in Cyber-Risk Management"