More than fifty per cent of financial professionals rank cyber security as a high or very high risk to their organisation, however, two-thirds say their organisation does not have an absolute, up-to-date remediation plan in place that is regularly updated and tested, according to a survey released today by Chartered Accountants Australia and New Zealand (CA ANZ).
In conjunction with the Association of Chartered Certified Accountants, Macquarie University and Optus, the global survey of more than 1500 financial professionals found cyber security is not managed as a business risk and is too often left to IT specialists alone to handle.
One third of survey respondents did not know whether their organisation has been the subject of a cyber attack.
“Businesses and finance professionals need to recognise that cyber risk is one that is very relevant to them,” said Geraldine Magarey, CA ANZ Thought Leadership & Research Leader.
“Assessing cyber risk requires financial awareness to gauge the potential consequences of a breach, which can be measured in reputational damage, fines and the impact on shareholder and company value.”
“The quantification of cyber risk is not easy, but this is an area where financial professionals must take the lead given cyber attacks are a constant and success almost a given.”
Cyber crime is one of the biggest risks to businesses to date with estimated costs to reach $6 trillion globally by 2021.
Other survey findings:
- Financial services sector respondents rated their cyber risk as greater than other industry groups, with 68% placing the risk as very high or high.
- 41% said that they had governance policies but that they could be improved.
- CFOs were responsible for the strategic direction of cyber security in only 8% of organisations.
- 83% of respondents have no cyber insurance in place.