Currently companies spend almost $100bn on cyber security, with the bulk going on technology infrastructure to defend against external threats.

However, our 2017 Cyber Risk Survey shows that 58% of cyber claims are attributable to employee behaviour, such as negligence, accidental disclosure and lost or stolen devices. When we include vulnerabilities that exist due to a talent or skills shortage in cyber security, the percentage attributable to internal human issues is closer to 90%.