Skip to main content
Opens in a new tab External site
Business interruption due to a breach is top cyber risk concern: Aon global cyber benchmarking report
Findings underscore importance of conducting a cyber risk assessment, Aon outlines three-step approach for assessing cyber risk

CHICAGO (April 11, 2016) – Aon Global Risk Consulting, the risk consulting business of Aon plc (NYSE:AON), the leading global provider of risk management and human resource consulting and outsourcing, today released its 2016 Captive Cyber Survey report, which finds that the costs of business interruption due to a breach is the top cyber risk concern for businesses across all industries.

As Aon’s first cyber captive survey,  the findings offer a better understanding of organizations’ current attitude towards cyber threats, risk assessment, insurance purchasing trends and loss adjustment concerns and provides insight into current retail market trends, including captives and other risk financing solutions.

“Our findings also indicate that there is a disparity between companies recognizing that cyber is one of the fastest growing and permeating risks, and actually understanding what their individual exposures and coverage needs are,” said Peter Mullen, chief executive officer of Aon Risk Solutions’ Aon Captive and Insurance Management practice, who spearheaded the report. “Captives are a great alternative risk transfer solution for bridging this gap while the industry’s approach to cyber risk management catches up to the evolving pace of technology.”

The survey findings indicate that 94 percent of companies would share risk with others in their industry as part of a captive facility writing cyber. What’s more, Aon experts anticipate alternative risk transfer options to become increasingly sought after as these solutions give companies some control over underwriting, coverage scope and claims adjustment, while providing an opportunity to share best practices, experience and data in a private setting.

Additional highlights of the report include:

  • 61 percent of survey respondents buy cyber limits in the $10-25 million range, but overall 60 percent of large companies do not buy cyber insurance
  • Of those that do, 68 percent of companies surveyed buy cyber for balance sheet protection closely followed by ensuring due diligence comfort for the board
  • Only 25 percent of respondents that buy limits are confident that they comply with international best practices and standards for information security  governance
  • 95 percent of companies surveyed state clear policy wording as the most important issue in the cyber risk market, and 75 percent of large companies express concerns about the loss adjustment process  

“Given the evolving nature and complexity of cyber exposures, we found that the use of cyber risk assessments is surprisingly low,” said Kevin Kalinich, global practice leader for cyber/network risk at Aon Risk Solutions. “Conducting such an assessment is a useful tool for improving risk understanding and maturity as well as for helping organizations better prepare for potential business interruption during or after a breach. Aon is at the forefront of assisting clients to develop and implement a risk assessment approach that is cross departmental and can translate cyber exposures into financial impact.”

Aon recommends the following three steps to begin a cyber risk assessment:

  1. Scenario Analysis: Benchmark the existing cyber risk profile and work with business stakeholders to prioritize cyber risk scenarios
  2. Financial Modeling: Leverage advanced financial simulation tools using deterministic modeling to quantify first and third party costs of select cyber scenarios. Consider performing an analysis on non-damage business interruption scenarios using forensic accounting capabilities.
  3. Insurability Risk Review: Test the adequacy of limits against the assessed cyber risk as well as review the optimization of the proposed insurance program

 

About the 2016 Aon Captive Cyber Survey

Aon’s 2016 Captive Cyber Survey is designed to offer analysis of top cyber risk concerns, risk assessment approaches, attitudes toward cyber insurance and policy cover and structure. The survey, conducted for the first time in fall 2015, gathered input from risk managers and directors of more than 125 captive insurance companies. The 2016 findings will allow organizations to gain insight into the mounting threat of cyber risk, benchmark their risk management practices and identify approaches that may increase their preparedness.

More information about the 2016 Aon Captive Cyber Survey can be found here: http://www.aon.com/risk-services/cyber.jsp  

ENDS

About Aon

Aon plc (NYSE:AON) is a leading global provider of risk management, insurance brokerage and 
reinsurance brokerage, and human resources solutions and outsourcing services. Through its more
than 72,000 colleagues worldwide, Aon unites to empower results for clients in over 120 countries via 
innovative risk and people solutions. For further information on our capabilities and to learn how we
empower results for clients, please visit: http://aon.mediaroom.com.

Follow Aon on Twitter: https://twitter.com/Aon_plc
Sign up for News Alerts: http://aon.mediaroom.com/index.php?s=58

Media Contact:

Allyson Marcus, Allyson.marcus@kemperlesnik.com, 267-994-9052

Media Resources

Access international media contacts, the full library of Aon media releases, and a media kit with fact sheet and executive bios, via links below.

Media Contacts
Media Releases
Media Kit
Featured Updates