According to the Willis Fortune 500 Cyber Disclosure Report, 2013, more than half of the U.S. listed Fortune 500 firms say they would face "serious harm" or be "adversely impacted" by a cyber attack.

The report states that 88 percent of Fortune 500 companies are following U.S. Securities and Exchange Commission (SEC) guidelines as of April 2013 by providing some level of disclosure regarding cyber exposures.

The companies identified the top three cyber risks as loss or theft of confidential information (65 percent), loss of reputation (50 percent), and direct loss from malicious acts such as hackers or a virus (48 percent).

Still, only 6 percent of companies said they had purchased insurance to cover cyber risks, and 15 percent said they don't have the resources to protect themselves against critical attacks.