The Results Are In: Cyber-security Ranks as 2019 Top Organisational Risk
Between the variety of cyber-security concerns that companies faced throughout 2018—including compliance with the recently debuted GDPR, high-profile data breaches and social media privacy scandals, to name a few—it’s no surprise that the European Confederation of Institutes of Internal Auditing’s (ECIIA) Risk in Focus 2019 report found that organisations labelled cyber-security as their greatest risk.
And the race for the top spot wasn’t a close one. Indeed, 66 per cent of organisations ranked cyber-security as one of their top five risks, with matters such as compliance and data security coming in second place with 58 per cent. Additionally, 15 per cent of organisations identified cyber-security as their single most important risk. With the cost of damage from cyber-attacks expected to double by 2021, it’s crucial for your business to prioritise cyber-security measures. Consider these key points from the ECIIA report to identify where your organisation can improve:
- Staying safe on the cloud—While using the cloud provides multiple benefits, such as reducing software costs, improving remote working capabilities and easing collaboration efforts, this digital mass of data housed in a central location is a primary target for cyber-attacks. In fact, Microsoft reported that the number of attacks on customers’ cloud-based accounts quadrupled in 2017, largely as a result of poor password management and phishing scams. If your organisation uses the cloud, it’s critical to establish a strong security framework.
- Securing your supply chain—Although some hackers target organisations directly, the ECIIA report revealed that many cyber-criminals use a company’s connections (key suppliers and partners) to instigate a data breach. Nearly 60 per cent of organisations experienced an attack that was caused by a supplier in 2017. With this in mind, it’s important to realise that your organisation can’t just focus on your own cyber-security measures, but must find ways to bolster your entire supply chain with data protection initiatives.