Skip to main content
What can we help you find?
main content, press tab to continue
Report

Cyber, Directors and Officers Survey Results

Key Insights from the 2025 Global Cyber, D&O Survey

July 2, 2025

The 2025 Global D&O Survey highlights top cyber risks like phishing and ransomware and the importance of robust response plans, regular exercises, and wise budget allocation for cyber insurance.
Cyber-Risk-Management-and-Insurance|Financial, Executive and Professional Risks (FINEX)
N/A

The 2025 Global Cyber, Directors and Officers Survey findings offer a detailed examination of the current landscape of cyber risk management and insurance practices across various organisations globally.

The key findings of the survey are as follows:

  1. 01

    Key cyber risks

    The most concerning cyber risks identified are phishing attacks and social engineering (27.21%), followed by ransomware (16.73%) and weak cybersecurity systems and controls (9.8%). These concerns are consistent across different regions.

  2. 02

    Preparedness for cyber incidents

    Most organisations report feeling well-prepared to manage cyber incidents, with notable regional variations. For instance, 62.73% of organisations in Latin America and 67.95% in North America feel well-prepared.

  3. 03

    Sponsorship and oversight

    The board or CEO is the primary sponsor of cyber risk management strategies, with 35.93% of organisations reporting this. Additionally, a senior leadership group and the IT department play crucial roles, with 26.5% and 20.22% of organizations, respectively, indicating their involvement.

  4. 04

    Budget allocation

    Organisations are divided in how they allocate their cyber insurance premiums. Specifically, 44% include the premium as part of their cyber security budget, while 56% allocate it separately.

These findings underscore the growing importance of robust cyber risk management strategies and the need for continued investment in cybersecurity measures to address evolving threats.

Keep an eye out for our upcoming Cyber in Focus report where we delve into perception versus reality. Our specialists compare, contrast and comment on what you are voting to be the most significant risks versus what we are seeing from a claims point of view. The findings are truly interesting, and we cannot wait to share them with you.

We hope you enjoy exploring the findings from our latest Global Directors’ and Officers’ Survey, Cyber 2025.

Key recommendations from the Cyber Directors’ and Officers’ Survey Findings:

Ensure that your organisation has a comprehensive and well-documented plan to manage cyber incidents. This plan should include clear roles and responsibilities, communication protocols, and steps to mitigate and recover from cyber-attacks.

Perform at least one cyber table-top exercise in the last 12 months to test your incident response plan. These exercises help identify gaps and improve the readiness of your team to handle real-world cyber threats.
Strive to make your organisation feel well or very well prepared to manage cyber incidents. This involves continuous training, updating security measures, and staying informed about the latest cyber threats.
Decide whether to opt for a standalone cyber insurance policy or integrate it into your general insurance policy. Ensure that the premium is allocated appropriately, either as part of your cyber security budget or as a separate line item.
Be well-informed about the most concerning cyber risks, such as phishing attacks, ransomware, and weak cybersecurity systems and controls. Develop strategies to mitigate these risks, including employee training, advanced threat detection systems, and regular security audits.
Ensure that your cyber security budget is sufficient and well-allocated. Consider the specific needs of your organisation, such as investing in advanced security technologies, training programs, and regular security assessments.

By implementing these recommendations, organizations can enhance their cyber resilience and better protect themselves against evolving cyber threats.

How can we help?

Protect your business today with cyber insurance

  • Cyber threats are on the rise, and your business could be the next target. Don't wait until it's too late - safeguard your assets and reputation with comprehensive cyber insurance.
  • Our policies provide financial protection, risk mitigation, and legal support in the event of a cyber-attack.

Protect your business today with cyber risk management services

Cyber risk governance consulting

Cyber risk governance consulting

Tailored consulting services to help organizations establish robust cyber risk governance frameworks and enhance board oversight.

Incident response planning

Incident response planning

Comprehensive support in developing and testing incident response plans to minimize the impact of cyber incidents.

Contacts

Peter Foster
Chairman, Global FINEX Cyber and Cyber Risk Solutions
email Email phone +1 617 901 8174
Benjamin Di Marco
Head of FINEX Cyber & Tech
email Email phone +61 478 312 988
Related content tags, list of links Report Cyber Risk Management and Insurance Financial, Professional and Executive Risks

Related capabilities

Cyber Risk Management and Insurance

Safeguard your digital infrastructure and assets against cyber threats with our tailored coverage solutions and experienced teams.
Financial Institutions

From an ever-shifting regulatory landscape to the digitalization of the workplace, financial institutions face a complex set of challenges and risks. WTW helps our financial institution clients manage risk, cultivate talent and explore new ways of working.
Operational Risk Solutions

Helping to bridge the gap between risks and insurance programs for financial services organisations.
Directors’ and Officers’ Liability Insurance

D&O insurance provides legal protection and promotes good corporate governance. Consider it as part of your risk management strategy.
Professional Indemnity Insurance

Our professional indemnity insurance offers tailored risk solutions for legal, financial, construction, and tech professionals, protecting against legal liabilities and financial loss.
Contact us