Ernst & Young is waiting for a spike in proposals to insure cybersecurity risks in Ukraine in 2019, according to a study by Ernst & Young Global Limited posted by the Ukrainian representative office of the company.

"The high level of damage to business from cybercrime around the world encourages companies to look for ways to manage these risks from the outside. One of the available options is to insure cyber risks, so similar offers from insurance companies are the expected trend of 2019 in Ukraine," Senior Manager of information technology and IT risk management department of EY in Ukraine Dmytro Lazuchenkov said.

According to EY Global Information Security Survey 2018–2019, Ukrainian businesses are still characterized by the active migration of large Enterprise IT solutions to cloud services and the performance of business-critical operations in public "clouds."

In a highly competitive environment, cloud solution providers are trying to reduce costs by reducing investment in technical tools and staff skills that are necessary to ensure the security of a cloud solution. This leads to the fact that cloud environments are becoming more susceptible to attacks by cybercriminals," the company said in a press release.

EY said that the state-run institutions of Ukraine also should not forget about countering cyber threats.

According to EY Global Information Security Survey 2018-2019, vulnerabilities with the most increased risk exposure over the past 12 months were careless/unaware employees (34%), Outdated security controls (26%), unauthorized access (13%), and related to cloud-computing use (10%).

Most organizations (82%) are not sure if they successfully identify cybersecurity incidents. Among organizations suffered from incidents over the past 12 months, less than one third (31%) say that the incident was revealed by the cybersecurity service of the company.

EY said that 60% of organizations say that the person directly responsible for information security is not a board member. Only 18% of organizations say that information security fully influences business strategy plans on a regular basis.