Skip to main content

By the Numbers: Global Cyber Risk Perception Survey

Cyber risk is now at the forefront of the corporate risk agenda, but cyber risk management strategies are not keeping pace despite an increasingly complex threat environment and escalating financial impact. 

A new global survey of more than 1,300 executives, undertaken by Marsh in partnership with Microsoft, examines cyber risk concerns and management strategies by organisations of all sizes in a range of industries worldwide.

Two-thirds of survey respondents ranked cybersecurity as a top five risk management priority, but only 19% expressed high confidence in their organisation’s ability to manage and respond to a cyber event, and only 30% have developed a plan to do so.

Other key findings point to a misalignment between cyber risk awareness and approach:

  • 70% of respondents named the IT department as a primary owner and decision-maker for cyber risk management, compared to 37% who cited the C-suite and 32% Risk Management.
  • 75% identified business interruption as the cyber loss scenario with the greatest potential financial impact, but fewer than 50% actually estimate financial losses – and of those, only 11% measure cyber risk exposure quantitatively.
  • One in five organisations does not currently have or plan to purchase cyber insurance, and 25% don’t know their cyber insurance status.


Among the key takeaways for business leaders are the need for broad stakeholder engagement, including the C-suite and board; economic modeling that quantifies cyber risk; and a holistic approach that spans prevention, mitigation, transfer, and response planning.

Is your organisation employing best practices for managing cyber risk?  Benchmark your performance against our survey results.

Download PDF

This survey was conducted in partnership with: