Executives have wrong perception of cyber threats, survey finds

As the business world shifts and evolves at breakneck pace, organisations are constantly facing new sources of risk. Whether it's corruption, fraud or other forms of corporate crime such as cyber attacks, the board in particular needs to develop strategies to combat these emerging threats.

Cybercrime is one of the fastest growing risks to businesses today – but are executives around the world suitably concerned by it? As a recent global survey from EY found, the answer may be no.

According to the consulting firm's 13th Global Fraud Survey, entitled 'Overcoming compliance fatigue: reinforcing the commitment to ethical growth', many executives around the world recognise that threats such as fraud, bribery and cybercrime are increasing around the world, but do not treat them as sources of concern. While the majority believed the emergence of cybercrime is on a "significant scale", barely half (48 per cent) said it represents "a very or fairly low risk to their business".

The survey involved in-depth interviews with almost 3,000 business leaders from 59 countries, around half (48 per cent) identified hackers as the biggest cybercrime concern. However, worryingly high proportions of executives do not appreciate the true extent of such threats and underestimate the risk presented.

Brian Loughman, EY Americas leader of fraud investigation and dispute services (FIDS), said that company boards simply need to assume a greater role in understanding the scale of these threats and suitably monitoring them.

"Cybercrime and other emerging threats are becoming more prevalent, and with the US Securities and Exchange Commission increasingly focusing on cyber risks as they relate to the integrity of financial statements, boards and audit committees need to be vigilant in monitoring these risks," he stated.

It is therefore essential that those at the head of an organisation appreciate that cybercrime is now a rampant business threat, and one that will only grow into the future. Taking steps such as offering information security training for staff is the best way to protect your business from these risks, today and tomorrow.