Business leaders have their eyes on cybersecurity in 2022.
The Travelers Companies released its 2022 Risk Index results Sept. 26, outlining leading concerns for businesses.
According to the survey of more than 1,000 U.S. business decision makers, nearly 60% of respondents said they worry some or a great deal about cyber threats.
Concerns of broad economic uncertainty, fluctuations in oil and energy costs, the ability to attract and retain talent, and medical cost inflation are among the other top concerns.
“Cyberattacks can shut down a company for a long period of time or even put it out of business, and it’s imperative that companies have a plan in place to mitigate any associated operational and financial disruptions,” Travelers enterprise cyber lead Tim Francis said.
The number of respondents who said their company has suffered a data breach or cyber event increased for the seventh consecutive year.
According to the survey, 26% of respondents said their company had been a cyber victim, and nearly half of those incidents happened within the last 12 months.
“Effective measures that have proven to reduce the risk of becoming a cyber victim are available, but based on these survey results, not enough companies are taking action,” Francis said.
Researchers are expressing concern about the overconfidence companies have in navigating the cyber landscape.
More than 90% of respondents said they were confident their company has implemented best practices to mitigate a cyber event, however future responses to questions did not support the statement.
Researchers said 64% of companies said they do not use endpoint detection, 59% said they have not conducted a cyber assessment for vendors, and 53% do not have an incident response plan.
“It’s never too late, and these steps can help businesses avoid a devastating cyber event,” Francis said.
Multifactor authentication, which adds a layer of protection to the sign-in process, is a system few companies have adapted to in recent years.
Microsoft said 99.9% of account compromised attacks are blocked by adding MFA to verify a computer’s identity.
Still, only 52% of respondents said they implemented MFA for remote access, despite 90% of leaders acknowledging that they were familiar with the security measure.