Company directors are understandably spooked by the threat of cyber attacks, extortion and ransomware, a survey has found.
The new survey from Willis Towers Watson and Clyde & Co identified the key risks for directors and officers of companies.
Cyber-attacks, data loss and cyber extortion emerged as the top risks this year, with 65% of respondents saying the risk of cyber-attack is very significant or extremely significant.
Additionally, 63% say the same of data loss and 59% fear very significant or extreme significant risk of cyber extortion.
|Sponsored by Charter Hall Group
Commercial property. Currently 5%+ yield p.a.
The concern is warranted; according to WTW there has been a 200% increase in ransomware claims notifications under cyber-insurance policies since 2019.
“Ransomware has become a low investment, low risk and high reward method of cybercrime which organisations cannot ignore,” WTW said.
“From an industry sector perspective, our data shows the top three industry sectors impacted by ransomware attacks are healthcare, manufacturing and education. In 2021, we also saw a shift in tactics from the cybercriminals, including one of the first major attacks against critical infrastructure, the highly publicised Colonial Pipeline attack. As a result, governments and regulators have been alerted to ransomware and extortion activity.”
The other big risk on the minds of company leadership is climate change.
COP26 combined with increasing governmental and regulatory measures has driven up concerns around climate change risk in some regions, WTW found. It was the sixth most significant risk for survey respondents in Great Britain, Asia, and Australasia.
“With a volatile business environment resulting from the pandemic and geopolitical pressures it is no surprise that cyber risks are high on the list of directors’ concerns,” WTW global head of FINEX Jeremy Wall said.
“Emerging risks such as climate change are also spotlighted, and we believe the report will provide a great resource to support directors and risk managers when refining their risk management strategies.”