Bosses fear emerging cyber threats as regulators toughen stance

Directors and officers across the globe fear the impact of cyber-attacks and data loss above all risks according to new research with the warning pressure for regulators to ensure cyber security will only increase.

The global survey from broker Willis Towers Watson and law firm Clyde & Co, sought to identify the key risks for Directors across the globe, with managers from the UK, Europe, APAC and the US questions on the risks that keep them awake at night.

The biggest fear is cyber-attack, with 56% of respondents saying the risk was very significant or extremely significant. Data loss was a major concern for 49%) of management and regulatory risk is a significant concern for 46%. Health and Safety risk (41%) and the risk of Employment claims (38%) making up the top five risks for the year.

The report found increased vulnerability to data loss is resulting from business moving to new procedures and systems overnight due to the COVID-19 pandemic with remote working creating a fertile ground for cyber criminals.

“Global regulators have become concerned about the consequences of the attacks and are challenging directors to play a greater role in managing cyber risk in their business,” the report stated. “First, they are looking for directors to promote the effective safeguarding of information assets within their business and the use of a broad cyber security risk management framework.

“Second, regulators are increasingly demanding that boards sign off on cyber security accountability and governance strategies covering elements such as the board’s engagement expectations, delegation processes, structures for escalation, risk reporting, and regular inclusion of information security updates within board papers. Emerging legislation suggests that the scale of expectations placed on directors to promote cyber resilience will only increase in the future.”

According to the study regulatory and litigation risk continues to challenge organisations with board diversity now becoming mandatory to most businesses.

“With board diversity class actions in the US and NASDAQ imposing minimum board diversity levels and similar regimes being considered by the FCA in the UK, board diversity is becoming not just a concern, but a mandatory part of business, at least for some companies,” stated the report. “Climate change too is being forced into the board room as a leading issue.

“As well as legal actions being brought in the US and in Australia, both the Australian Prudential Regulatory Authority and the UK Prudential Regulatory Authority are looking at climate-related stress tests for banks and insurers. In the US, the Commodities Futures Trading Commission and the SEC have both issued statements regarding the seriousness of climate change as a risk to businesses and in the UK, climate change is being included as a key risk which has to be considered by boards and pension trustees.”

The report found the expected concern about insolvency featured considerably lower than in the last survey despite speculation of a potential wave of insolvencies.

“Whilst the survey suggests that Directors and Officers are somewhat less concerned about insolvency, bankruptcy or corporate collapse, what we hear from insurers is that they are concerned that corporate or financial restructuring, job losses and insolvencies could trigger investigations into directors’ conduct and then transcend into D&O claims,” explained the report. “There is also increased focus on analysing corporate governance and assessing how boards are managing risks during the pandemic.”

“There is no doubt that boards have a huge task on their hands to navigate this broad range of risks,” the report concluded. “They must ensure robust, resilient business models are in place that are sustainable and profitable, whilst ensuring the welfare and safety of the business’s people – both employees and customers and the wider impact of its actions on the environment and society as a whole.”

The biggest fear is cyber-attack, with 56% of respondents saying the risk was very significant or extremely significant. Data loss was a major concern for 49%) of management and regulatory risk is a significant concern for 46%. Health and Safety risk (41%) and the risk of Employment claims (38%) making up the top five risks for the year.

SHARE: