More than three in four (76%) organisations say they have become more concerned about information security and privacy over the past three years - but only 19% have purchased insurance designed to cover these exposures, according to new research commissioned by Zurich.
The provider noted that only 16% of companies surveyed had designated a chief information security officer to oversee cyber risk and fewer than half (44%) had increased their budget to tackle the problem.
The findings came in ‘Meeting the Cyber Risk Challenge', a survey by Harvard Business Review Analytic Services of 152 respondents across Europe involved in risk management.
Respondents rated malware and other viruses as the most serious information security concern for their organisation.
This was followed by administrative errors, incidents caused by data providers and malicious employee activity and attacks on web applications as the top five.
Steve Wilson, chief risk officer for general insurance at Zurich commented: "The enormous expansion in the availability of information presents unprecedented opportunities and challenges for business and government.
"As well as regulatory responsibilities to protect proprietary information, organisations have a duty of care to ensure their measures are robust."
He added: "Cyber risk comes in a bewildering variety of forms for organisations and we hope this research will provide risk managers with important insights into this critical issue."
