Some senior executives may be dangerously overconfident in their companies’ abilities to fend off cyber attacks, a global survey suggests.

In a Willis Towers Watson poll of 452 C-suite executives and board members, some respondents gave themselves above-average ratings in every area of cyber resilience.

Yet there are dangerous gaps in basic security measures among many companies, the survey report warns.

Only 44% of respondents have implemented security awareness training, only 40% have identified employees at risk of cyber attacks, and only 38% are measuring if their cyber training is effective.

About 27% have post-breach workforce planning, and 39% have security incident communication. Only 40% have planned how to keep the business operating during a cyber incident, and 32% have policies in place to change company systems after an attack.

Most respondents feel they are lagging their peers on learning from cyber incidents.

About 13% believe they are above average compared with peers at applying lessons from attacks.

When not comparing themselves to others, 24% think they are somewhat above average, and the same number think they are below or well below average.

About 14% of companies think they are above average at filling cyber talent gaps.

Willis Towers Watson says one-third of respondents have experienced a serious cyber incident in the past year.

The results come just days after a cyber attack brought down systems across diverse national brokerage Insurance House. Its underwriting agency ProRisk, authorised representative network, brokerage, affinity business and life insurance operation have all been affected.

A phishing email, which contained a link, seeded malware onto the group’s systems. More than 400 computers across the group have since been restored.