“Escalating” cyberattacks costing firms millions: Willis Towers Watson and ESI ThoughtLab

New survey highlights dramatic increase in cyber threats across the globe, with more than 10% of firms losing at least $10 million

Arlington, VA (July 10, 2019) – Annual losses from cyberattacks averaged $4.7 million in the last fiscal year, with more than one in 10 firms surveyed losing over $10 million, according to a new report from The Cybersecurity Imperative, a global thought leadership program produced by independent researcher ESI ThoughtLab in conjunction with Willis Towers Watson and other organizations specialized in cybersecurity and risk management.

The study covered 467 firms across multiple industries in 17 countries revealing that companies worldwide expect to boost their cybersecurity investments by 34% in the next fiscal year, after raising them by 17% the previous year. About 12% of companies surveyed plan to bolster their cybersecurity investments by over 50%. Additionally, since last year, the percentage of companies seeing a significant impact from cybercriminal activities — such as installation of ransomware — has soared, from 57% to 71%.

“It is clear from the findings that companies are experiencing escalating impacts this year from key adversaries, including cybercriminals, malicious insiders and state-sponsored hackers, often from jurisdictions beyond the reach of local law,” said Peter Foster, chairman, Willis Towers Watson Global FINEX Cyber and Cyber Risk Solutions. “Establishing a continuous assessment through an integrated risk approach to cyber is critical for mitigating this ever-growing risk.”

The research shows that to combat evolving risks, companies need to take a proactive, multilayered defense. Firms are responding by allocating the biggest share of their budgets to technology, while seeking the right balance between investments in people and process. They are also focusing more on risk identification to address emerging vulnerabilities and are investing more in resilience to ensure they can respond quickly to successful attacks.

Other calls to action from the study include:

  • Make sure you are investing enough in cybersecurity. Some industries, such as media and consumer markets, are allocating less and may be more exposed to cyber risks.
  • Think of cybersecurity like any other existential threat to your business. The risks are not just about privacy, liability and stealing data; huge operational risks can also occur if business is interrupted, with reputational impacts that can hurt market positions.
  • Pay attention to risks from partners and your supply chain. As firms draw on ecosystems of third parties to drive digital transformation, they increase their vulnerabilities to cyber risks.
  • Be aware that legal and regulatory risks are also rising substantially. Companies that do not comply with new standards face hefty penalties and legal consequences.
  • Measure your full losses, costs and returns. When hit by a successful cyberattack, you need to understand all your costs — direct and indirect, tangible and intangible.

The survey was carried out in the spring of 2019 as part of a global research initiative titled The Cybersecurity Imperative. The current survey is a follow-up to a more comprehensive survey of 1,300 companies conducted in the fall of 2018.

For more insights on perceived threats, cybersecurity maturity and investment, download the full report.

About Willis Towers Watson

Willis Towers Watson (NASDAQ:WLTW) is a leading global advisory, broking and solutions company that helps clients around the world turn risk into a path for growth. With roots dating to 1828, Willis Towers Watson has 45,000 employees serving more than 140 countries and markets. We design and deliver solutions that manage risk, optimize benefits, cultivate talent, and expand the power of capital to protect and strengthen institutions and individuals. Our unique perspective allows us to see the critical intersections between talent, assets and ideas — the dynamic formula that drives business performance. Together, we unlock potential. Learn more at willistowerswatson.com.

About ESI ThoughtLab

ESI ThoughtLab is the thought leadership arm of Econsult Solutions Inc., a leading economic consultancy. The innovative think tank offers fresh ideas and evidence-based analysis to help business and government leaders understand and respond to economic, industry and technological shifts around the world. Its team of top economists and analysts excel at applying economics to understand the impact of technology on the world.

About the Cybersecurity Imperative

The Cybersecurity Imperative program was established by a coalition of leading organizations with expertise across the cybersecurity space, including Baker McKenzie, CyberCube, HP, KnowBe4, Opus, Protiviti, the Security Industry Association, and Willis Towers Watson. Each organization is an expert in its own field and provided valuable insights to help guide the research methodology and scope. Learn more about The Cybersecurity Imperative.

SOURCE: Willis Towers Watson

Tags: , , , ,