The escalation of cyber-attacks across regions and industries alarms organizations, with 20% of CEOs in a survey saying “information security/cyber is the risk they are most concerned about,” KPMG says. The fast development of connected technologies has led to an increased number of more innovative schemes.
KPMG, which interviewed 1,200 CEOs from international corporations, discovered that 72% can’t keep up with new technologies, while 86% associate customer loyalty with cyber security. As a security infringement could hurt company reputation and customer loyalty, “some organizations are turning security into a selling point with touch identification,” said Malcolm Marshall, Global Head of Cyber Security at KPMG. What’s more, many C-level executives fail to grasp the particular features of cybercrime versus conventional crime or the vulnerabilities of their products and don’t see security as a strategic problem.
Organizations are exposed to a wide variety of risks, especially if they have physical infrastructure, such as those in the energy and industrial sectors, the study says. Although companies have the means to evaluate enterprise risks, they haven’t set up a proper strategy for cyber risks, Marshall adds. It’s not only that companies can’t properly evaluate third- and fourth-party risks, but they still need to cover more ground in terms of who could attack their infrastructure, which products or documents and why.
When first asked, half of the respondents felt prepared to take on a cyber-attack. But, when asked about specific scenarios, they were “either not planning or have delayed planning of important security measures.
While over 80% of American CEOs feel “fully prepared,” less than a third of European CEOs are as confident, although they have been looking at investing in cost-effective solutions, said Uwe Bernd-Striebeck, Cyber Security Leader for KPMG in Germany.