Everyone knows !
With Covid-19 and the forced change in work practices, cyberattacks and data loss are the top risks facing most enterprises, according to a global survey from global advisory, broking and solutions company Willis Towers Watson and prestigious international law firm Clyde & Co.
Covering the United Kingdom, Europe, Asia Pacific (APAC) and the United States, the survey titled "D&O Liability Survey 2021" identifies the key challenges for top management across the globe to include cyberattacks (with 56 percent of respondents saying the risk was very significant or extremely significant), data loss (49 percent), regulatory risk (46 percent), health and safety hazard (41 percent); and the prospect of employment claims (38 percent).
In the APAC region, 42 percent of respondents stated cyberattacks to be their primary concern. This may be attributable to the sheer rise in publicized data breach events in the region in the last 18 months, combined with the trend of tightening data protection laws. Certain jurisdictions in Asia have become more aligned to the penalties and obligations set out in the general data protection regulation.
According to the survey, the level of attention directors are paying to risks of cyberattack and data loss reflects the impact of a steady stream of media reports on the frequency and severity of attacks against businesses of all sizes across all sectors. Global regulators are now challenging top executives to play a greater role in managing cyber risks in their business.
First, regulators expect directors to promote the effective safeguarding of information assets within their business and the use of a broad cybersecurity risk management framework. Second, boards are increasingly being required to sign off on cybersecurity accountability and governance strategies covering elements such as the board's engagement expectations, delegation processes, structures for escalation, risk reporting, and regular inclusion of information security updates within board papers.
Moving to the APAC region, the survey indicates top executives do not rate the risk of a cyberattack or data loss event as highly as their EU/UK/US counterparts. However, despite the comparative difference across the regions, cyberattacks are still rated as the highest risk (alongside regulatory risk including fines and penalties) and data loss events are the third highest rated risk, suggesting the general concern amongst top executives in the region.
The lower risk rating might be explained by the perception of a less mature data protection regulatory regime across the region, when compared with more established jurisdictions in more developed economies. For example, throughout APAC, there has been a patchwork of data breach notification laws that have come into effect over the past 12 months (e.g., Japan, Singapore and New Zealand) and businesses are becoming familiar with these regimes. Furthermore, there is likely a historical perception of a "relaxed" regulatory environment with regulators traditionally adopting a conciliatory enforcement approach. Nevertheless, these issues were recently addressed in the law reform discussions in the region to give individuals greater rights over the way their data is handled. This perception is likely to shift in the coming years due to recent hyperactivity from regulators and law reform efforts in the data protection environment.
Other key findings of the report are:
– Increased vulnerability to data loss arises from businesses moving to new procedures and systems overnight due to the Covid-19 pandemic, with remote working creating a fertile ground for cybercriminals.
– Regulatory and litigation risk continues to challenge organizations with board diversity now becoming mandatory to most businesses.
– Expected concern about insolvency featured considerably lower than in the last survey despite speculation of a potential wave of insolvencies.
Let me just add that camDown FREE has a modern UI, that is secure and has the improved features that you need and your father would agree.