Skip to main content
The Actuary: The magazine of the Institute and Faculty of Actuaries - return to the homepage Logo of The Actuary website
  • Search
  • Visit The Actuary Magazine on Facebook
  • Visit The Actuary Magazine on LinkedIn
  • Visit @TheActuaryMag on Twitter
Visit the website of the Institute and Faculty of Actuaries Logo of the Institute and Faculty of Actuaries

Main navigation

  • News
  • Features
    • General Features
    • Interviews
    • Students
    • Opinion
  • Topics
  • Knowledge
    • Business Skills
    • Careers
    • Events
    • Predictions by The Actuary
    • Whitepapers
    • Moody's - Climate Risk Insurers series
    • Webinars
    • Podcasts
  • Jobs
  • IFoA
    • CEO Comment
    • IFoA News
    • People & Social News
    • President Comment
  • Archive
Quick links:
  • Home
  • The Actuary Issues
  • September 2018
09

Majority of firms unsure who should manage cyber security

Open-access content Monday 10th September 2018 — updated 5.50pm, Wednesday 29th April 2020

The majority of executives worldwide are not sure who should be in charge of their firm’s cyber resilience, with most facing a “specialist or generalist” dilemma.

2


That is according to new research from Willis Towers Watson (WLTW), which shows that almost 40% of executives feel the board should be responsible for cyber.

However, almost a quarter think the role should be given to a specialised committee, while others believe responsibility lies with audit, risk, or another subgroup.

Moreover, it was found that just 8% believe their chief information security officer (CISO) performs "above average" in communicating the consequences of cyber threats.

WLTW global head of cyber risk, Anthony Dagostino, said the problem was that many CISOs struggle translating security threats into operational and financial impacts.

"To close this communication gap, CISOs need tools that can help them quantify and translate the vulnerabilities uncovered from their cyber security maturity assessments," he continued. 

"These tools enable them to better communicate the risk to the board, seek adequate budget, and enable the board to provide meaningful guidance".

The research involved a survey of executives from over 450 companies, finding that three out of four regions believe the "board as a whole" should oversee cyber risk.

Most European firms think a dedicated cyber group should be responsible, while the UK was the only region where the heads of cyber report to the board rather than the CEO.

It was also found that just 30% of executives believe they have enough directors that understand cyber risks, but that only 23% are actively recruiting directors that do.

Despite the widespread uncertainty, WLTW found that around two-thirds of companies believe a partnership between human resources and information security is key.

"Still, organisations need greater collaboration to truly assess the organisational culture driving cyber risk in the first instance," Dagostino continued.

"The solution isn't always more training. It could be a leadership or incentives and rewards issue, things that fall squarely within the function of the chief human resources officer." 

Sign up to our free newsletter here and receive a weekly roundup of news concerning the actuarial profession

This article appeared in our September 2018 issue of The Actuary.
Click here to view this issue
Filed in
09

You might also like...

Share
  • Twitter
  • Facebook
  • Linked in
  • Mail
  • Print

Latest Jobs

Risk Actuary - General Insurance

London (Greater)
£60,000 - £85,000
Reference
145934

Project Actuary - Life Insurance

Midlands
£60,000 - £110,000
Reference
145933

Model Validation Actuary

London (Greater)
£60k - £80k
Reference
145932
See all jobs »
 
 

Today's top reads

 
 

Sign up to our newsletter

News, jobs and updates

Sign up

Subscribe to The Actuary

Receive the print edition straight to your door

Subscribe
Spread-iPad-slantB-june.png

Topics

  • Data Science
  • Investment
  • Risk & ERM
  • Pensions
  • Environment
  • Soft skills
  • General Insurance
  • Regulation Standards
  • Health care
  • Technology
  • Reinsurance
  • Global
  • Life insurance
​
FOLLOW US
The Actuary on LinkedIn
@TheActuaryMag on Twitter
Facebook: The Actuary Magazine
CONTACT US
The Actuary
Tel: (+44) 020 7880 6200
​

IFoA

About IFoA
Become an actuary
IFoA Events
About membership

Information

Privacy Policy
Terms & Conditions
Cookie Policy
Think Green

Get in touch

Contact us
Advertise with us
Subscribe to The Actuary Magazine
Contribute

The Actuary Jobs

Actuarial job search
Pensions jobs
General insurance jobs
Solvency II jobs

© 2023 The Actuary. The Actuary is published on behalf of the Institute and Faculty of Actuaries by Redactive Publishing Limited. All rights reserved. Reproduction of any part is not allowed without written permission.

Redactive Media Group Ltd, 71-75 Shelton Street, London WC2H 9JQ