Internal auditors have named cybersecurity the top risk faced by their businesses
Cyber-security, regulatory change and digitalisation are the top three risks faced by businesses.
A survey of 528 chief internal auditors discovered that 78% named cybersecurity and data security as a top-five threat facing their organisation, 59 per cent cited regulatory change and 58 per cent highlighted digitalisation.
The number of chief internal auditors citing cybersecurity as a top-five risk has increased 18 per cent since last year, while this year 21 per cent named it as the greatest risk their business faced.
Is Cyber Security really that bad?
Putting it simply, yes. Back in September Facebook suffered a huge data leak, in which exposed phone numbers of 419m users, 18 million being from the United Kingdom. All were found on a server that was not secured by a password, containing unique Facebook IDs, which can then be used to discern usernames.
It’s time to take Cyber Security seriously
68% of chief internal auditors said cybersecurity risks is one of the top five risks internal audit devotes its time and resources to.
The chief auditor of a German multinational insurer said that cybersecurity: “Is not just a compliance risk but also a commercial risk and opportunity. It is something that can set us apart from our competitors.”
A chief auditor of a German transport group stated: “We have almost doubled our IT auditor headcount in recent years in order to be able to thoroughly audit cybersecurity.”
On the rocketing state of regulatory compliance, the chief internal auditor of a Swedish bank said: “If we look at the number of hours we allocate for mandatory regulatory and compliance audits, it amounts to about 20 per cent of the total number of hours and it is increasing every year. But our resources are not increasing in line with that. That’s a real challenge.”
Cyber-attacks are happening every day, not once a year
With other key threats such as outsourcing, supply chains and third-party risk (36%), business continuity and resilience (31%), financial risks and macroeconomic and political uncertainty (29%).
Ian Peters, chief executive of the Chartered Institute of Internal Auditors, said: “Cybersecurity is a problem we regularly see on the news from the theft of 500 million Marriott hotel guests’ personal information, to the security breach which exposed 50m Facebook user identities.”
Peters said the threat from regulatory changes is likely to become “more severe” for UK and Irish businesses, “as they face the prospect of further regulatory change because of Brexit”.
We’re Iron Dome
we take a security-first approach to technology – ensuring our client’s systems are best protected.
If you have any concerns, questions or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration, consultation to explore how exposed your business might be and identify actions to take.
To book a consultation or to arrange a further discussion, please get in touch.