Although cyber-risk management is recognized as an enterprise-wide responsibility by many organizations, the IT department still is seen as the front-line defense against information losses and other cyber-liability risks, according to an industry survey of risk-management professionals.

The Zurich-sponsored survey, "A New Era in Information Security and Cyber Liability Risk Management," concludes that this may represent "a significant deficiency in emergency-response planning," noting that the IT department often is not equipped to interpret notification requirements of dozens of states and to marshal the resources necessary to fulfill the requirements of each state following a major breach.

The majority of the 503 respondents recognized the entire organization is responsible for mitigating cyber risks: 57.2 percent responded yes when asked, "Does your organization have a multidepartmental information-security risk-management team or committee?" About 34 percent said no.

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.