||A New Era In Information Security and Cyber Liability Risk Management - Advisen Ltd.
||Security - Administrative Safeguards, Use of Social Networks, Breach Response
|Impact to Subscriber:
||The majority of organizations view cyber and information security risks as extremely serious or serious (56.3%), with more than two thirds (71.7%) saying that information security risks are a specific risk management focus within their organization; most organizations have some form of multi-departmental information cyber risk team, consisting primarily of the IT department (95.5%), risk/management insurance (78.1%), and general counsel (65.7%). More than two thirds of organizations (68.8%) have a disaster response plan in place in the event of a major breach; for 41%, the role of the IT department includes fulfilling state data breach notification laws following a breach, which may represent a significant deficiency in emergency response planning as the IT department is often ill-equipped to interpret the notification requirements of dozens of states and to marshal the resources necessary to fulfill the requirements of each state following a major breach. The majority of organizations (60.1%) do not purchase cyber liability insurance; primary reasons cited include limited markets, lack of coverage clarity, expense, a difficult application process, difficulty in qualifying, and limited policy coverage.