Most board members and senior leaders in companies have spent less than one day in the past year focusing on cyber risks, according to a survey by broker Marsh and tech giant Microsoft.

The global poll of 1500 organisations outlines the state of cyber risk perceptions and risk management, with the shortage of time to address an increasing level of risk a major problem.

Nearly 80% of the organisations polled rank cyber risk as a “top-five" concern, compared to 62% in 2017.

Only 11% express a high degree of confidence in their ability to assess cyber threats, prevent cyber-attacks, and respond effectively – down from 19% two years ago.

While 65% of organisations identified a senior executive or the board as a main owner of cyber risk management, only 17% of executives and board members said they spent more than a few days in the past year focusing on the issue.

More than half, 51%, spent several hours or less.

Marsh says organisations continue to embrace new technologies, but they are uncertain about the risks they bring.

More than three-quarters (77%) of respondents say they are adopting or have adopted cloud computing, robotics, or artificial intelligence – but just 36% say they evaluate cyber risk both before and after adoption and 11% don’t evaluate the risk at all.

“We are well into the age of cyber risk awareness, yet too many organisations still struggle with creating a strong cybersecurity culture with appropriate levels for governance, prioritisation, management focus, and ownership,” Kevin Richards, Global Head of Cyber Risk Consulting for Marsh, said.

“This places them at a disadvantage both in building cyber resilience and in confronting the increasingly complex cyber landscape.”