From loss of data and intellectual property to ransomware, DDoS and phishing attacks, organisations are facing an unprecedented set of cybersecurity and data privacy challenges impacting their operations, finances and reputation.
The global pandemic has accelerated digital decentralisation, with organisations operating in a wider ecosystem of partners, workers, suppliers and customers. As such, the increase in remote working – heavily reliant on third-party systems – has for the first time become the greatest risk factor (37%) cited by G20 companies in our research.
THE DIGITAL THREAT LANDSCAPE
According to our data, 81% of G20 organisations agree that cybersecurity has risen up the board’s agenda, although 62% admit they do not fully understand the cyber risk posed by their vendors, and only 27% said that third-party risk is a pressing concern.
This demonstrates that whilst the majority of organisations are increasingly aware of cyber risks, they remain unsure as how to address the wide range of existing and emerging threats.
The changing nature of how organisations conduct business has instigated a shift in the prevalence and type of cyber attacks. For the third year in a row, the number of G20 organisations affected by cyber attacks has increased – up to 78% in 2021 from 75% in 2020. The frequency of phishing/social engineering attacks, which rose 5% in the last year to 34% in 2021, have become the most common form of cyber attack.
DATA RISKS
Our data also shows that there remains a considerable discrepancy between the damage – reputational, regulatory and financial – that cyber attacks are causing to these organisations and their state of preparedness.
One in four organisations say they have lost revenue as a result of data privacy issues in the last 12 months, and nearly one-third expect to experience a data privacy investigation in the coming year. Despite this, many organisations continue to overlook data privacy compliance until an incident arises - only 52% are mainly proactive in managing data privacy risk.
The regulatory risks surrounding cyber attacks and data privacy violations are also increasing. More than 27% of G20 organisations are currently experiencing a data privacy investigation or expect to in the year ahead. Organisations affected by cyber attacks typically lose 1.75% of turnover – $3.4m for the median firm. Yet despite these vast financial risks and an increasingly pressurised regulatory environment, investment and proactive mitigation of these issues are still stagnating.
The threat of ransomware is becoming increasingly worrisome for Latin American corporations and governments. Organizations in Brazil are at an especially high risk, as the country represents the highest share (nearly 50%) of Latin American targets attacked using ransomware.
READ MORE
FTI Consulting surveyed over 500 corporate data privacy leaders to understand the solutions, strategies and budgets companies have planned to address data privacy challenges in the coming year.
READ MORE
August 19, 2021—Many corporations are now grappling with the challenge of timely compliance to these information requests because of ever-increasing data volumes and the need to consider a variety of data sources, including new collaboration platforms such as Microsoft Teams, Slack, Google Workspace, etc.
READ MORE
June, 2021—In today’s corporate environment, it is commonplace to outsource business operations functions to third-party suppliers for increased efficiency and to optimize internal resources. However, the added outsourcing benefits also carry significant cyber risk, as these connected entities can serve as an access point for cyber actors.
READ MORE
June 3, 2021—Mobile money products and services have taken off in many parts of the world, to the extent that in some regions they have become more widely used than traditional banking. In the Middle East, fintech is growing by 30% annually and projected to generate $2 billion in investment capital funding by 2022.
READ MORE
April 17, 2021—Cybersecurity remains a significant concern for businesses in South Africa. Early on in the pandemic, cybersecurity experts reported dramatic increases in attacks on businesses in the region, with hundreds of thousands of devices and accounts being exploited each week. Unfortunately, though cyber risks have continued to increase, the pressures of the last year have prevented most businesses from taking the proactive steps needed to mitigate their risk.
READ MORE
