7 RESILIENCE LEVERS

Digital ecosystems continue to be a key area of concern for G20 organisations in 2022 – with data privacy breaches and cybersecurity incidents in particular posing companies a unique threat within the digital sphere

 

An ever-evolving array of global data protection laws to contend with, coupled with the growing capabilities of malign actors (both nation-state and private), remote working practices and an increasingly complex regulatory environment are demanding greater proactivity than ever before.

Cybersecurity incidents in particular have had an adverse impact, with four out of five G20 companies negatively impacted over the last year: a 6% increase since September 2021. Cyber-attacks are the most anticipated threat among respondents today.

85%

REPORTED WEAKNESS IN THEIR INCIDENT RESPONSE CAPABILITIES IN 2021

However,

58%

DO NOT FULLY UNDERSTAND THE CYBER RISKS POSED BY THIRD PARTIES

44

EXPECT TO ASSESS THEIR CYBERSECURITY PROGRAMME IN THE NEXT 12 MONTHS

 

A new hybrid workforce and use of personal devices for work has presented risks such as shadow IT and new phishing techniques, whilst emerging technologies such as ransomware, blockchain and AI are of greatest concern to Chief Information Security Officers. Companies are also increasingly aware of – and sensitive to - the secondary effects of a cyber attack, such as increased media scrutiny and reputational damage, as well as the impact of privacy issues on M&A decisions.

Some of the new working methods resulting from the pandemic have also led to data privacy vulnerabilities. More than a third (37%) of companies surveyed have experienced an increase in privacy breaches or violations as a result of increased use of collaboration apps, personal devices and remote work environments. Concerns around the knock-on effects of data privacy issues also mirror those  around cyber-attacks, with 37% of companies also expecting media scrutiny on data privacy.

DATA RISKS

As a result of these growing vulnerabilities and a constantly evolving threat landscape, G20 organisations must continue to assess their cybersecurity defences in order to keep pace with both malign actors and satisfy regulators: . More than half of G20 organisations (51%) have already had to notify regulators or individuals directly regarding breaches of personal data or personally identifiable information over the last year – a figure that is likely to increase over the next 12 months.

Countering threats requires a holistic, 360-degree strategy that addresses both data privacy and cyber-security threats. And whilst 53% of G20 organisations take a proactive stance on cybersecurity, proactivity doesn’t automatically translate into preparedness. Indeed, despite an awareness of threats and proactive efforts in addressing them, 85% of G20 companies reported some form of weakness in their incident response capabilities, with 33% saying that of their incident response capabilities, detection and analysis is weak and nearly six out of ten (58%) not fully understanding the cybersecurity risks posed by third parties.

This is cause for alarm, as organisations that are struggling to determine whether they have been compromised, and what the scope of the incident involves, are unable to appropriately manage the fallout or properly react. This weakness not only impacts resilience, but also reputation management and compliance with regulatory requirements.

6%

INCREASE IN CYBER ATTACKS IN THE LAST 12 MONTHS

29%

REPORT THAT THEIR CRISIS COMMUNICATIONS PLANS FOR CYBERSECURITY ARE NOT SUFFICIENT

INSIGHTS

slide left

Why Energy Sector Cybersecurity Is Essential

October 27, 2021 - With cyber attacks on the rise, energy companies should plan now for the nightmare scenario. The global energy sector is more interconnected, automated and digitized than ever before. But despite these technological advances, most energy companies are still largely unprepared to defend against cyber attacks — a vulnerability that grows more dangerous every day.

READ MORE

How Data Protection Has Become a Business-Critical Priority in the Middle East

Organisations that store personal and sensitive data possess millions of data artifacts—each representing unique risk and value—within their enterprise systems. With cybersecurity incidents on the rise, the stakes around data protection have become higher than ever before, yet many organisations still do not realise the extent of disruption that can result when systems are breached.

READ MORE

Ransomware on the Rise: Preventing and Responding to a Cybersecurity Crisis

The threat of ransomware is becoming increasingly worrisome for Latin American corporations and governments. Organizations in Brazil are at an especially high risk, as the country represents the highest share (nearly 50%) of Latin American targets attacked using ransomware. 

READ MORE

Future-Proofing Corporate Data Privacy: Budgeting and Solutions to Address Tomorrow’s Compliance Challenges

FTI Consulting surveyed over 500 corporate data privacy leaders to understand the solutions, strategies and budgets companies have planned to address data privacy challenges in the coming year.

READ MORE

Data-Driven Challenges in Merger Investigations

August 19, 2021—Many corporations are now grappling with the challenge of timely compliance to these information requests because of ever-increasing data volumes and the need to consider a variety of data sources, including new collaboration platforms such as Microsoft Teams, Slack, Google Workspace, etc. 

READ MORE

Addressing Third-Party Cyber Risk: Moving Beyond a False Sense of Security

June, 2021—In today’s corporate environment, it is commonplace to outsource business operations functions to third-party suppliers for increased efficiency and to optimize internal resources. However, the added outsourcing benefits also carry significant cyber risk, as these connected entities can serve as an access point for cyber actors.

READ MORE

Mobile Money Is Driving Financial Inclusion, but Beware the Risks

June 3, 2021—Mobile money products and services have taken off in many parts of the world, to the extent that in some regions they have become more widely used than traditional banking. In the Middle East, fintech is growing by 30% annually and projected to generate $2 billion in investment capital funding by 2022.

READ MORE

Beyond the Pandemic: EMEA Data and Discovery Roundtable

Many organisations are worried about IP theft, data privacy breaches and compliance violations that may occur while employees are dispersed and working from home. What can companies do to mitigate this new landscape of risk—both while their employees continue to work remotely and when they begin to return to the office?

READ MORE

Strengthening Cyber Resilience in the Wake of the Pandemic in South Africa

April 17, 2021—Cybersecurity remains a significant concern for businesses in South Africa. Early on in the pandemic, cybersecurity experts reported dramatic increases in attacks on businesses in the region, with hundreds of thousands of devices and accounts being exploited each week. Unfortunately, though cyber risks have continued to increase, the pressures of the last year have prevented most businesses from taking the proactive steps needed to mitigate their risk.

READ MORE
slide right