4 in 10 CEOs from the UK believe becoming a victim of a cyber attack is now a case of ‘when’ and not ‘if’ for their organisation, according to a survey of CEOs from some of Britain’s biggest businesses.
With reports of cyber attacks and breaches almost daily, 39% of UK CEOs surveyed believe they will be targeted by a cyber attack. Though, disheartening, this view was quite optimistic in comparison to their global counterparts, where 49% said they envisioned a cyber attack on their business.
Bernard Brown, Vice Chair at KPMG UK, commented: “The seeming inevitability of a cyber attack crosses all borders and has now crossed firmly over the threshold for board-level discussions. Protecting the business from a cyber-attack has jumped further up the boardroom agenda and we are seeing businesses making their defences the best that they can be.”
With the General Data Protection Regulation (GDPR) affecting all global businesses interacting with EU businesses and customers, it is worrying that only 40% of UK CEOs view customer data protection as one of their most important personal responsibilities in enabling long-term growth of the customer base. However, the survey also found that UK business leaders believe that a strong cybersecurity strategy is critical to engendering trust with key stakeholders, with 74% agreeing that cybersecurity is an enabler of trust, in comparison to only 55% of global CEOs.
“It is reassuring that UK CEOs see the value in having a good cyber security strategy which enables trust. The reality is that without trust, customers are likely to be increasingly resistant to sharing personal information, potentially undermining business models and strategies. Businesses need to turn privacy into a source of competitive advantage which will no doubt enable long-term growth of the customer base,” added Brown.
Nonetheless, cyber awareness amongst UK leaders is changing, with 39% believing that their organisations are either ‘very well’ or ‘well’ prepared for a future cyber-attack. Cybersecurity specialists are also seen as an effective part of the business with 45% of UK CEOs seeing their value, coming second to data scientists who are seen as being effective by 62% of the CEO cohort.
“It’s encouraging to see that CEOs are developing a more mature understanding of what cyber security actually means. Helped by non-executive directors (NEDs), they are beginning to ask more awkward and searching questions of their IT teams: what are the challenges that face us specifically, what risks are we carrying, what do we need to be resilient to a cyber-attack? Organisations are spending more time planning for worst case scenarios, running simulations and thinking in detail about how they would deal with the uncertainties that arise during a cyber breach,” concluded Brown.
The survey was conducted by KPMG who asked 50 UK leaders and a further 1,150 CEOs from across the world about their future investment plans and the challenges and opportunities facing their companies.
Written from press release by Leah Alger