Our journey towards sustainability
6049BmzMV
6049BmzMV
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Our</strong> clients<br />
Key drivers: materiality top issues<br />
26<br />
Digital privacy and cybersecurity<br />
By creating new markets, new products<br />
and a better understanding of consumers,<br />
the digital world offers enormous potential.<br />
However, many organizations underestimate<br />
the associated risks and precautions,<br />
particularly in relation to digital privacy<br />
and cybersecurity. Eighty-eight percent of<br />
respondents to our Global Information<br />
Security Survey 2015 do not believe their<br />
information security fully meets the<br />
organization’s needs. From a customer’s<br />
perspective, the digitalization of data means<br />
a greater amount of private information at<br />
risk. Therefore, for organizations to move<br />
to a safer and more sustainable place<br />
in the digital world, it is necessary to apply<br />
a cyber-risk lens to everything they do.<br />
Understanding the challenges for cybersecurity<br />
53%<br />
2014<br />
59%<br />
2015<br />
59% see criminal<br />
syndicates as the most<br />
likely source of an<br />
attack today, compared<br />
with 53% in 2014<br />
This is particularly true as cybercrime<br />
grows in both prominence and sophistication,<br />
alarming regulators and corporate boards<br />
across our markets. The rise in costs of<br />
dealing with cybercrime, the certainty<br />
of attacks and public implications<br />
of those breaches means boards of<br />
FS organizations are now incorporating<br />
security in their risk appetite models.<br />
As regulators have become more engaged,<br />
the banking industry continues to face new<br />
regulatory demands, with the insurers next in<br />
line to face regulatory scrutiny. In light of this<br />
growing regulatory involvement, coupled with<br />
the rising costs of defending against attacks,<br />
cybercrime has become a board-level issue,<br />
often overseen by the CRO.<br />
53%<br />
2014<br />
57%<br />
2015<br />
57% say that lack of<br />
skilled resources is<br />
challenging information<br />
security’s contribution<br />
and value to the<br />
organization<br />
39%<br />
2014<br />
44%<br />
2015<br />
44% see phishing<br />
as the top threat today,<br />
compared with<br />
39% in 2014<br />
However, where the traditional “brick-wall”<br />
approach to protection may once have been<br />
sufficient, today it is no longer suitable,<br />
particularly when private company data<br />
is stored in multiple places and by third<br />
parties. Forty-two percent of respondents<br />
to our Global Information Security Survey<br />
2015 say that knowing all their assets is<br />
a key information security challenge.<br />
The starting point for organizations is<br />
situational awareness, understanding<br />
what their organization looks like to<br />
cyber attackers and determining what the<br />
attackers are targeting. Companies can use<br />
this information to prioritize what matters<br />
most, improving controls to protect and<br />
respond to attacks where appropriate,<br />
and insuring against others.<br />
88%<br />
of respondents do not<br />
believe their information<br />
security fully meets the<br />
organization’s needs<br />
Appendices <strong>Our</strong> communities <strong>Our</strong> people <strong>Our</strong> clients Introduction