Cyber, Directors and Officers Survey Results

List of website locations and languages available in Americas
Location	Languages Available
Argentina	Spanish
Bermuda	English
Brazil	Portuguese
Canada	English French
Chile	Spanish
Colombia	Spanish
Costa Rica	Spanish
El Salvador	Spanish
Guatemala	Spanish
Honduras	Spanish
Mexico	Spanish
Nicaragua	Spanish
Panama	Spanish
Peru	Spanish
United States	English
Venezuela	Spanish

List of website locations and languages available in Asia-Pacific
Location	Languages Available
Australia	English
China	Simplified Chinese
Hong Kong (China, SAR)	English
India	English
Indonesia	English
Japan	Japanese
Korea	Korean
Malaysia	English
New Zealand	English
Philippines	English
Singapore	English
Taiwan	Traditional Chinese
Thailand	English Thai
Vietnam	English Vietnamese

List of website locations and languages available in Europe
Location	Languages Available
Austria	German
Belgium	English French Flemish
Croatia	English Croatian
Czech Republic	English Czech
Denmark	Danish
Finland	Finnish
France	French
Germany	German
Greece	Greek
Hungary	Hungarian
Ireland	English
Italy	Italian
Kazakhstan	Kazakh Russian
Luxembourg	French
Netherlands	Dutch English
Norway	Norwegian
Poland	Polish
Portugal	Portuguese
Romania	Romanian
Serbia	Serbian
Slovakia	Slovak
Spain	Spanish
Sweden	English Swedish
Switzerland	English French German
Turkey	Turkish
Ukraine	Ukrainian
United Kingdom	English

List of website locations and languages available in Middle East and Africa
Location	Languages Available
Cameroon	English French
Congo	French
Egypt	English
Ghana	English
Ivory Coast	French
Israel	English
Jordan	English
Kenya	English
Kuwait	English
Mauritius	English
Nigeria	English
Saudi Arabia	English
Senegal	French
South Africa	English
UAE	English
Uganda	English

The 2025 Global Cyber, Directors and Officers Survey findings offer a detailed examination of the current landscape of cyber risk management and insurance practices across various organisations globally.

The key findings of the survey are as follows:

01
Key cyber risks
The most concerning cyber risks identified are phishing attacks and social engineering (27.21%), followed by ransomware (16.73%) and weak cybersecurity systems and controls (9.8%). These concerns are consistent across different regions.
02
Preparedness for cyber incidents
Most organisations report feeling well-prepared to manage cyber incidents, with notable regional variations. For instance, 62.73% of organisations in Latin America and 67.95% in North America feel well-prepared.
03
Sponsorship and oversight
The board or CEO is the primary sponsor of cyber risk management strategies, with 35.93% of organisations reporting this. Additionally, a senior leadership group and the IT department play crucial roles, with 26.5% and 20.22% of organizations, respectively, indicating their involvement.
04
Budget allocation
Organisations are divided in how they allocate their cyber insurance premiums. Specifically, 44% include the premium as part of their cyber security budget, while 56% allocate it separately.

These findings underscore the growing importance of robust cyber risk management strategies and the need for continued investment in cybersecurity measures to address evolving threats.

Keep an eye out for our upcoming Cyber in Focus report where we delve into perception versus reality. Our specialists compare, contrast and comment on what you are voting to be the most significant risks versus what we are seeing from a claims point of view. The findings are truly interesting, and we cannot wait to share them with you.

We hope you enjoy exploring the findings from our latest Global Directors’ and Officers’ Survey, Cyber 2025.

Key recommendations from the Cyber Directors’ and Officers’ Survey Findings:

Develop a robust cyber incident response plan

Ensure that your organisation has a comprehensive and well-documented plan to manage cyber incidents. This plan should include clear roles and responsibilities, communication protocols, and steps to mitigate and recover from cyber-attacks.

Conduct regular cyber table-top exercises

Perform at least one cyber table-top exercise in the last 12 months to test your incident response plan. These exercises help identify gaps and improve the readiness of your team to handle real-world cyber threats.

Ensure preparedness

Strive to make your organisation feel well or very well prepared to manage cyber incidents. This involves continuous training, updating security measures, and staying informed about the latest cyber threats.

Manage cyber insurance effectively

Decide whether to opt for a standalone cyber insurance policy or integrate it into your general insurance policy. Ensure that the premium is allocated appropriately, either as part of your cyber security budget or as a separate line item.

Stay informed about cyber risks

Be well-informed about the most concerning cyber risks, such as phishing attacks, ransomware, and weak cybersecurity systems and controls. Develop strategies to mitigate these risks, including employee training, advanced threat detection systems, and regular security audits.

Allocate cyber security budgets wisely

Ensure that your cyber security budget is sufficient and well-allocated. Consider the specific needs of your organisation, such as investing in advanced security technologies, training programs, and regular security assessments.

By implementing these recommendations, organizations can enhance their cyber resilience and better protect themselves against evolving cyber threats.

How can we help?

Protect your business today with cyber insurance

Cyber threats are on the rise, and your business could be the next target. Don't wait until it's too late - safeguard your assets and reputation with comprehensive cyber insurance.
Our policies provide financial protection, risk mitigation, and legal support in the event of a cyber-attack.