90% of U.S. businesses experienced hacking incidents in the last year: HSB cyber study

01/06/2016 06:58

Nine out of ten businesses in the United States have experienced at least one hacking incident in the past year, according to a survey released on Tuesday by The Hartford Steam Boiler Inspection and Insurance Company (HSB), part of Munich Re.

According to HSB, the number of attacks increased 21% from 2015. Eric Cernak, cyber practice leader for Munich Re, noted in an HSB statement that 64% of risk managers said they have experienced more than six hacking incidents in the last year – up 32% in 2015. “U.S. businesses are under constant assault,” he said. “Hackers are even more relentless.”



HSB’s 2016 Cyber Poll was conducted on-site at the Risk and Insurance Management Society Conference in San Diego, CA last month. It represented 102 risk managers who attended the conference from small-, mid- and large-sized businesses in the following industries: manufacturing; financial and professional services; retail; technology; government and military; education and public entities; aerospace, defense and technology; and healthcare.

The study shows risk managers are worried about the safety and security of Internet of Things (IoT) devices, with only 28% saying they are safe for business use. Despite these concerns, more than half (56%) of the businesses implemented or plan to implement such devices, the statement said.

“As businesses use IoT devices to improve productivity and efficiency, they must think about the security costs,” Cernak said in the statement. “Hackers are always looking for ways to access company business systems and connected devices provide additional infiltration points. It’s important to control security features on these devices and monitor employee use.”


Primary concerns about cyber technology include the loss of confidential information (44%), government intrusion (27%) and service/business interruption (17%). When asked about the risk management services they have deployed to combat cyber risk, risk managers point to encryption (44%; up from 25% in 2015); intrusion detection/penetration testing (28%; down from 32% in 2015) and employee education programs (12%; down from 25% last year).

For additional protection, 50% say their business has either purchased cyber insurance for the first time or increased its level of coverage in the last year, the statement noted. Thirty per cent of businesses do not have any level of cyber insurance coverage. According to the study, primary reasons for not adopting coverage include its perceived complexity (44%), lack of a sufficient threat (34%) and cost (22%).

Hartford Steam Boiler (HSB), a part of Munich Re since 2009, is an engineering and technical risk insurer providing equipment breakdown insurance products, other specialty coverages and related inspection services and engineering consulting.