As organisations embrace new digital working practices, new digital risks are introduced.

From loss of data and intellectual property to ransomware, DDoS and phishing attacks, organisations are facing an unprecedented set of cybersecurity and data privacy challenges impacting their operations, finances and reputation.

The global pandemic has accelerated digital decentralisation, with organisations operating in a wider ecosystem of partners, workers, suppliers and customers. As such, the increase in remote working – heavily reliant on third-party systems – has for the first time become the greatest risk factor (37%) cited by G20 companies in our research.


of G20 companies agree that cybersecurity has risen up the board’s agenda



admit they do not fully understand the cyber risk posed by third parties


of organisations agree their employees are more aware of cyber threats than 12 months ago


According to our data, 81% of G20 organisations agree that cybersecurity has risen up the board’s agenda, although 62% admit they do not fully understand the cyber risk posed by their vendors, and only 27% said that third-party risk is a pressing concern.

This demonstrates that whilst the majority of organisations are increasingly aware of cyber risks, they remain unsure as how to address the wide range of existing and emerging threats.

The changing nature of how organisations conduct business has instigated a shift in the prevalence and type of cyber attacks. For the third year in a row, the number of G20 organisations affected by cyber attacks has increased – up to 78% in 2021 from 75% in 2020. The frequency of phishing/social engineering attacks, which rose 5% in the last year to 34% in 2021, have become the most common form of cyber attack.


Our data also shows that there remains a considerable discrepancy between the damage – reputational, regulatory and financial – that cyber attacks are causing to these organisations and their state of preparedness.

One in four organisations say they have lost revenue as a result of data privacy issues in the last 12 months, and nearly one-third expect to experience a data privacy investigation in the coming year. Despite this, many organisations continue to overlook data privacy compliance until an incident arises - only 52% are mainly proactive in managing data privacy risk.

The regulatory risks surrounding cyber attacks and data privacy violations are also increasing. More than 27% of G20 organisations are currently experiencing a data privacy investigation or expect to in the year ahead. Organisations affected by cyber attacks typically lose 1.75% of turnover – $3.4m for the median firm. Yet despite these vast financial risks and an increasingly pressurised regulatory environment, investment and proactive mitigation of these issues are still stagnating.


of G20 organisations were affected by a cyber attack in the last 12 months


of G20 organisations are currently experiencing a data privacy investigation or expect to in the year ahead


slide left

How Data Protection Has Become a Business-Critical Priority in the Middle East

Organisations that store personal and sensitive data possess millions of data artifacts—each representing unique risk and value—within their enterprise systems. With cybersecurity incidents on the rise, the stakes around data protection have become higher than ever before, yet many organisations still do not realise the extent of disruption that can result when systems are breached.


Ransomware on the Rise: Preventing and Responding to a Cybersecurity Crisis

The threat of ransomware is becoming increasingly worrisome for Latin American corporations and governments. Organizations in Brazil are at an especially high risk, as the country represents the highest share (nearly 50%) of Latin American targets attacked using ransomware. 


Future-Proofing Corporate Data Privacy: Budgeting and Solutions to Address Tomorrow’s Compliance Challenges

FTI Consulting surveyed over 500 corporate data privacy leaders to understand the solutions, strategies and budgets companies have planned to address data privacy challenges in the coming year.


Data-Driven Challenges in Merger Investigations

August 19, 2021—Many corporations are now grappling with the challenge of timely compliance to these information requests because of ever-increasing data volumes and the need to consider a variety of data sources, including new collaboration platforms such as Microsoft Teams, Slack, Google Workspace, etc. 


Addressing Third-Party Cyber Risk: Moving Beyond a False Sense of Security

June, 2021—In today’s corporate environment, it is commonplace to outsource business operations functions to third-party suppliers for increased efficiency and to optimize internal resources. However, the added outsourcing benefits also carry significant cyber risk, as these connected entities can serve as an access point for cyber actors.


Mobile Money Is Driving Financial Inclusion, but Beware the Risks

June 3, 2021—Mobile money products and services have taken off in many parts of the world, to the extent that in some regions they have become more widely used than traditional banking. In the Middle East, fintech is growing by 30% annually and projected to generate $2 billion in investment capital funding by 2022.


Beyond the Pandemic: EMEA Data and Discovery Roundtable

Many organisations are worried about IP theft, data privacy breaches and compliance violations that may occur while employees are dispersed and working from home. What can companies do to mitigate this new landscape of risk—both while their employees continue to work remotely and when they begin to return to the office?


Strengthening Cyber Resilience in the Wake of the Pandemic in South Africa

April 17, 2021—Cybersecurity remains a significant concern for businesses in South Africa. Early on in the pandemic, cybersecurity experts reported dramatic increases in attacks on businesses in the region, with hundreds of thousands of devices and accounts being exploited each week. Unfortunately, though cyber risks have continued to increase, the pressures of the last year have prevented most businesses from taking the proactive steps needed to mitigate their risk.

slide right