Mazars, the international audit, tax and advisory firm, has released its cyber security report: is your safety net strong enough? According to research amongst more than 1,000 C-suite executives worldwide, cyber security is now a major preoccupation among corporate leaders. Effective cyber defence has become a delicate balancing act for many businesses; having a strong safety net that can cushion any eventual fall is paramount.
Robert Kastenschmidt, Partner and Head of Consulting at Mazars says: “Cyber threats are all around us. This is not paranoia, it’s an unfortunate reality: every day brings new hacks, new data leaks, new embarrassment – and new costs, both financial and commercial. Nobody is spared. Collectively, we are getting better at preventing and detecting cyber break-ins and limiting their damage, but no system is fool proof. The technological advances that can protect us also provide cyber criminals with more advanced tools including artificial intelligence that can keep them several steps ahead of the organisations they target.”
Getting real about rising cyber risk
Our research shows that business leaders feel cyber threats are growing, with more than one in three bracing for a significant attack somewhere in their organisation in the next 12 months.
The perceived change is highest in the United States and Europe, with more than 60% seeing rising dangers. Large companies with more than $1 billion in annual revenue appear the most concerned but criminals don’t discriminate, probing everyone for vulnerabilities, regardless of size.
When talking about the risks of cyberattacks, no company is secure enough, no matter if it’s a small or a big one. Indeed, we can say those small businesses are more at risk because they don’t invest as much as the bigger companies in staff and technology. But nevertheless, it is not impossible to protect yourself if you’re small. It just requires a lot of careful planning.
Bring it on: gauging readiness for cyber security
Despite their concern about cyber risk, most companies express confidence about their ability to protect themselves in the event of an attack. More than two-thirds of business leaders (68%) tell us that they feel their organisation’s data is “completely protected”. Confidence is highest in the United States, where 80% of respondents feel completely protected.
For C-suite executives worldwide, cyber risk largely translates into fear of financial risk. More than half (56%) of the business leaders we surveyed put financial losses at the top of the list of the biggest risks to their organisation regarding cyber security and data protection.
Confidence or complacency?
Many companies, especially those in the most exposed sectors such as banking and retail, have accumulated a deep understanding of both the risks and the organisation-wide response and recovery strategies needed to deal effectively with cyber threats. But there is sometimes a gap between the IT reality and managers’ confidence about the extent of the protection.
The retail sector, for example, is at risk all the time. When you handle private data from clients, including credit card numbers, you have to be extra safe. And retailers are taking cyber security seriously – they have been doing so for years, and this is the reason why they seem confident.
Not if, but when: five pillars of defence
A robust defence against cyberattacks depends on your ability to identify, prevent, and then detect attacks. Post-attack response and recovery need to be carefully planned and extensively tested. In our report we explore these five pillars of smart defence against cyber threats: identification, prevention, detection, response and recovery.
Strengthening the cyber safety net
Cyber threats are here to stay—and they will get worse. That is the sober reality of C-suite sentiment, as reflected in our annual barometer. Business leaders have no choice but to live with that reality and deal with it as best they can. Many are confident they can withstand significant attacks, but why tempt fate? Mazars’ six key takeaways for surviving and thriving in a cyber-scary world are designed to spur action, with relevance not just for business leaders and IT teams but for all employees.
Romanian C-suite leaders, concerned about their data protection
Just like it was expected, the risk regarding cyber-attacks is increasing. An important factor of this increase is represented by the geopolitical conflicts and threats, which can lead to state-sponsored attacks on essential infrastructures and services.
The increasing reliance that companies have on technology, as a business decision-making tool, by including Artificial Intelligence (AI) and big data processing, is also driving investments in data protection and identity-systems as a response to the attacks. Within the sustainable strategies of development of these companies, there will always exist a relationship between the development investments of each business and the protection measures from these attacks.
„Based on our annual C-suite barometer, in Romania, only 31% C-suite leaders feel their data is “completely” protected, vs. 68% globally. Two-thirds feel that they’re likely to have a data breach next year, vs. roughly one-third globally. For most businesses, it’s not a question of if you will suffer a cyberattack but when. It can cause huge damage, not just reputationally, but also commercially and financially. Businesses need to ensure they are as robust and resilient as possible to withstand cyber threats.”, mentioned Horațiu Nistor, Senior Manager, IT Audit & Advisory, Mazars Romania.
Click here to download the full report.