The Conversation (0)
KPMG Study Reveals CEOs to be Unprepared for Cyber Attacks
Sep. 04, 2015 02:52PM PST
Technology InvestingA recently released study from KPMG reveals that half of CEOs surveyed feel that their organizations are not prepared, or are only partially prepared, for a cyber attack.
A recently released study from KPMG reveals that half of CEOs surveyed feel that their organizations are not prepared, or are only partially prepared, for a cyber attack.
According to an article on Inc.:
Only one fifth of the CEOs considered information-security risk to be at the top of their list of business concerns. This combination–from the firms that are generally-speaking among the best financially-equipped to deal with cyber-risk–clearly illustrates that serious cybersecurity challenges remains severely unaddressed; it should not shock anyone if major firms continue to suffer significant breaches in the not so distant future.
I discussed the report with Malcolm Marshall, Global Head of Cyber Security at KPMG, who noted that part of the problem is that cyber-risk remains erratic–it is far more difficult to quantify than with most other risks, and it is much harder to know when one is truly adequately prepared to address cyber-attacks. It is far easier to anticipate what the likely magnitude of damage will be from a flood, for example, than from a cyber-breach.
Another interesting statistic that Marshall discussed with me is that American CEOs (making up about a third of the CEOs polled) were generally much more confident of their respective businesses’ abilities to fight off cyberattacks than were their peers in Europe and Asia, with 87% of CEOs in the USA expressing that their operations were ready to address major cyber incidents. While I suspect that some of these folks may be overconfident — how many times have organizations that thought that they were secure been successfully breached?–this sentiment clearly distinguishes the USA from the rest of the world. Of course, while 87% might sound like our country is well prepared, a situation in which 13% of CEOs believe that their firms are not prepared to withstand a cyber-attack is hardly ideal. Can you imagine if 13% of businesses with over $500M in revenue were suddenly breached?