Cyberattacks are the biggest risk to businesses, with the prospect of falling victim to hacking and other cybercrime the threats that the majority of CEOs are most worried about, according to a new report on the views from the boardroom.
Professional services firm PwC surveyed over 1,600 CEOs from around the world and found that cyberattacks have become the most feared threat for large organisations – and that many have taken actions around their personal use of technology to help protect against hackers.
A total of 80% of those surveyed listed cyber threats as the biggest risk to their business, making it the thing that most CEOs are worried about, ranking ahead of skills (79%) and the speed of technological change (75%).
The PwC report – part of its 23rd annual CEO survey – follows the latest edition of the World Economic Forum's Global Risks Report for 2020, which also listed cyberattacks and data theft as two of the top risks to society, ranked only behind climate change and environmental disasters.
Cybercrime has increasingly demonstrated how much damage can done to even the largest, most high-profile organisations, from hackers stealing personal information and credit card details, to locking down entire networks for weeks at a time with ransomware.
"It's clear that cybercrime continues to grow as an issue for CEOs around the world, meaning that for many, the threat to their margins, their brands and even their continued existence from cyberattacks is no longer an abstract risk that can be ignored," said Richard Horne, cybersecurity chair at PwC.
"Criminals are becoming more adept at monetising their breaches, with a sharp rise in ransomware attacks this last year. They can have a devastating impact on the organisations they hit, as seen in many high-profile cases."
The boardroom itself isn't immune to cybercrime as attackers will target executives – and the PwC report found that almost half of CEOs are taking action to make themselves less vulnerable to cyberattacks.
Just under half (48%) of CEOs surveyed said the risk of cyberattacks had caused them to alter their own personal digital behaviour, such as deleting social media accounts or virtual assistant applications, or requesting a company to delete their data
Social media accounts could potentially be targeted by criminals as a means of gaining access to personal information about victims, while there have been privacy concerns about virtual assistants and their ability to enable unwanted eavesdropping.
To counter against the threat of cyberattacks, PwC recommends that organisations ensure that cybersecurity is a top priority that proliferates through to every part of the business.
"CEOs need to challenge themselves and their executive management as to whether their response is adequate and evolving sufficiently rapidly as the risk develops and given the nature of cybersecurity, this will impact all aspects of a business including strategy, business development, supply chain, staff and customer experience," said Horne.
"In the coming years, managing cybersecurity risk will potentially require radical change to businesses and their operations – to make themselves more securable as well as building security controls," he added.
MORE ON CYBERSECURITY
- Learning the lessons of the Dixons Carphone breach
- In Bezos phone hack, UN wants answers on Saudi prince's alleged role CNET
- Cybersecurity: Why bosses are confident, and tech workers are scared
- Why corporate boards are unprepared to handle cybersecurity risks TechRepublic
- How your connected home or office is a gift for hackers, criminals, and cyber spies