Cyber-attacks and data loss are the top risks facing Directors & Officers (D&Os), with COVID-19 and the forced change in working practices serving to heighten the concerns according to a global survey from Willis Towers Watson (NASDAQ: WLTW) and Clyde & Co, a leading global law firm.
The survey, covering UK, Europe, APAC and the US identifies the key risks for Directors across the globe with cyber-attacks (56% of respondents saying the risk was very significant or extremely significant), data loss (49%), regulatory risk (46%), Health and Safety risk (41%) and the risk of Employment claims (38%) making up the Top 5 risks this year.
In APAC, 42% of respondents stated cyber-attacks as their top concern. This may be attributable to the stark rise in publicized data breach events in the region in the last 18 months, combined with the trend of tightening data protection laws, with certain jurisdictions in Asia becoming more aligned to the penalties and obligations set out in the GDPR.
Other key findings of the report include:
- Increased vulnerability to data loss is resulting from business moving to new procedures and systems overnight due to the COVID-19 pandemic with remote working creating a fertile ground for cyber criminals.
- Regulatory and litigation risk continues to challenge organizations with board diversity now becoming mandatory to most businesses
- Expected concern about insolvency featured considerably lower than in the last survey despite speculation of a potential wave of insolvencies.
Jennifer Tiang, Regional Cyber Leader for Asia at Willis Towers Watson, said: “The survey results reflect the growing realization that cyber risk is not simply an issue to be handled by an organization’s IT team. It is a much broader issue cutting across all spheres of business and necessarily draws together stakeholders from risk, legal and IT teams, as well as requiring awareness of all employees from the ground up and board oversight from the top down. From cyber-attack to data loss, the financial impacts of a cyber event can be catastrophic.”
Joaquin Uy, D&O and Cyber Practice Lead for Willis Towers Watson Philippines, added: “One of the primary objectives of D&Os is to maximize returns for their shareholders and provide guidance in navigating a business, especially during challenging and uncertain times. Such is the case for all businesses as the COVID-19 crisis continues to affect organizations and people in the Philippines. The abrupt changes as a result of immediate transitioning to remote working have led to unforeseen risks, such as cyber risks, that are difficult to mitigate and quantify. Since remote working is the new normal, the integrity of personal data connections cannot be guaranteed and may lead to vulnerabilities in the data and critical information that is accessible to employees. This will provide opportunities for cyber criminals to launch bigger targets with bigger incidences and ransomware attacks, exposing D&Os to increased risks and severe consequences. Directors remain under a duty to demonstrate they have taken prudent steps to be apprised of their organization’s cyber risk and have a risk and insurance framework that reflects these considerations.”