Fear#1: Cyber Security
When PWC released their annual CEO Survey at the World Economic forum in Davos, Cyber Risk was number one on the fear list. This was followed by the lack of talent to meet this, and other, digital challenges. Last year, Cybersecurity Ventures predicted that cybercrime will cost the world $6 trillion annually by 2021 (Source: The Official 2017 Annual Cybercrime Report). As stated in the report “This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, and will be more profitable than the global trade of all major illegal drugs combined.”
With cyber criminals becoming increasingly audacious, cyber-attacks rarely go unnoticed and often make global headlines. Recent examples include:
· The Equifax data breach which affected 145 million people
· The modern processor flaw making all devices vulnerable to attack. Researchers, including a member of Google's Project Zero team, found that a design technique used in chips from Intel, ARM and others could allow hackers to access data from the memory on your device
· The NHS cyber-attack, which security specialists F-Secure, regard as probably the biggest ransomware attack in history.
Without recruiting the right talent, investing in ongoing training and people, and putting in place security procedures and processes, business runs significant cyber risks. These include:
· Reputational and economic damage as witnessed following the TalkTalk data breaches in 2014/2015. TalkTalk were (very publicly) fined £500,000 by regulators for both infringements and saw a fall in customer acquisition/retention numbers
· Damage to a company’s employer brand is also a very real risk. Digital, tech and other professionals will be mindful of their personal professional reputation, hence will want to work for businesses that will enhance their careers. Those who have suffered at the hands of the media following a well-publicised cyberattack will be regarded as tainted so may struggle to recruit and retain key staff, making matters worse.
Cyber Security is – quite rightly – Fear#1. Not only can it affect trading in the short term, but the associated reputational risk is significant when looked at in the context of customers, suppliers, regulators, other partners and stakeholders. The real risk of course is a company’s ability to attract and retain key staff once there has been a breach. For without key cyber security talent, a company’s ability to protect itself diminishes significantly.
Joanne Cumper is Digital and Data lead for Penna Executive Search [email protected]