As the economy grapples with the forced change in working practices caused by COVID-19, cyber-attacks and data loss remain the top risks facing directors & officers (D&Os), according to a global survey from Willis Towers Watson and international law firm Clyde & Co.
The survey, which covered the UK, Europe, Asia-Pacific, and the US, found that cyberattacks were identified by 56% of respondents as a very significant or extremely significant risk. This was followed by data loss (49%), regulatory risk (46%), health and safety risk (41%) and employment claims (38%) to round out the top five.
In Asia-Pacific, 42% of respondents cited cyberattacks as the top concern. According to Willis Towers Watson, this may be due to the sharp increase in publicized data breach events in the region over the past 18 months, combined with the trend of tightening data protection laws. Some Asian jurisdictions’ data protection regimes are becoming more in line with the European Union’s GDPR, which is known as one of the strictest regulations globally.
The study also reported the following findings:
- Increased vulnerability to data loss is resulting from business moving to new procedures and systems overnight due to the COVID-19 pandemic with remote working creating a fertile ground for cyber criminals;
- Regulatory and litigation risk continues to challenge organizations with board diversity now becoming mandatory to most businesses; and
- Expected concern about insolvency featured considerably lower than in the last survey despite speculation of a potential wave of insolvencies.
“The survey results reflect the growing realization that cyber risk is not simply an issue to be handled by an organization’s IT team,” said Jennifer Tiang, regional cyber leader for Asia at Willis Towers Watson.
“It is a much broader issue cutting across all spheres of business and necessarily draws together stakeholders from risk, legal and IT teams, as well as requiring awareness of all employees from the ground up and board oversight from the top down. From cyberattack to data loss, the financial impacts of a cyber event can be catastrophic.”