TMCnet News

Cyber Risk Rises to Top of Corporate Agenda as GDPR Implementation Date Approaches
[October 16, 2017]



The upcoming implementation of the European Union's General Data Protection Regulation (GDPR), which takes effect in May 2018, has elevated cyber risk to the top of the corporate agenda for organizations doing business in Europe, according to a survey conducted by Marsh, a global leader in insurance broking and innovative risk solutions.

In the global survey of over 1,300 senior executives, 65% of respondents whose organizations offer products or services in the EU said that they now consider cyber as a top risk. In a similar survey Marsh conducted in Continental Europe last year, only 32% of responding organizations rated cyber as a top five risk.

GDPR-impacted organizations are already feeling the effect of cyber threats, with 23% of respondents stating that their European organizations were subject to a successful cyber-attack in the past year.

"The imminent implementation of the GDPR is spurring firms to take a fresh look at their cyber risk, not just their privacy protocols," said John Drzik, President of Global Risk & Digital at Marsh. "This survey indicates that the most prepared firms are using GDPR as a catalyst to enhance their cyber risk management, including a more economic evaluation of their risks and an increased focus on building resilience in the face of an inevitable cyber incident."

Organizations responded that they intend to spend more on cyber risk management. Of those respondents whose organizations have plans for GDPR implementation, 78% said they would increase spending on addressing cyber risk over the next 12 months, including spending on cyber insurance. Notably, 52% of those who do not have a plan for GDPR indicated that their investment in cyber risk management would increase.

GDPR readiness will require additional attention in the immediate future. Just 8% of respondents at GDPR-affected organizations asserted that their firms were fully compliant; 57% of respondents indicated that their organizations were developing compliance plans; and 11% said they had yet to start. Smaller organizations were more likely not to have a plan for GDPR, with 19% of respondents from businesses with less than $50m annual revenue replying that no plan was in place.



Thomas Reagan, Marsh's Cyber Practice Leader, added: "Given the effort needed to comply, organizations that have yet to make plans are likely to face challenges to meet all the requirements when GDPR takes effect in May 2018. Focusing leadership attention on complying with GDPR is critical. Increased management attention on this issue can also be leveraged to strengthen a firm's overall cyber risk management, broadening a regulatory compliance effort into a source of cybersecurity resilience."

About Marsh


A global leader in insurance broking and innovative risk management solutions, Marsh's 30,000 colleagues advise individual and commercial clients of all sizes in over 130 countries. Marsh is a wholly owned subsidiary of Marsh & McLennan Companies (NYSE: MMC), the leading global professional services firm in the areas of risk, strategy and people. With annual revenue over US$13 billion and more than 60,000 colleagues worldwide, MMC helps clients navigate an increasingly dynamic and complex environment through four market-leading firms. In addition to Marsh, MMC is the parent company of Guy Carpenter, Mercer, and Oliver Wyman. Follow Marsh on Twitter @MarshGlobal; LinkedIn; Facebook; and YouTube, or subscribe to BRINK.

