Industry surveys by BDO and PwC have highlighted growing risks associated with cyber attacks, with the COVID pandemic providing a cyber reality check.
BDO’s national cyber security leader Leon Fouche said boards are more engaged than ever before.
“The pandemic forced industries and governments to make years of digital progress within months and has made many organisations realise they were overconfident and underprepared when it came to cyber risk,” he said.
“Never before has the modern world seen such a rapid, global rush to digitise business practices.”
The 2020 BDO and AusCERT cyber security survey found that data breaches more than doubled compared to the previous year.
Accidental disclosures by staff rose by almost 60 per cent while data breaches caused by malicious hacking increased by 91 per cent.
Mr Fouche said the increase was most likely caused by IT support challenges during remote working, and the lack of preparedness for increased cyber attacks during the pandemic.
The report identified that attacks targeted at supply chains are now over 50 per cent more likely than they were in 2016.
Cyber activity from foreign governments remained active through 2020, with attacks rising by 40 perf cent since 2019 and doubling since 2016.
Thirty per cent of public sector respondents reported that foreign governments were the most likely source of cyber security incidents in the past year.
Mr Fouche said company directors are more cyber engaged than ever before, with the BDO report showing an 18 per cent increase in cyber risk reporting to the board.
It also identified an 11 per cent increase in the appointment of chief information security officers (CISOs).
During 2020, one in four respondents invested in cyber security education awareness training.
The BDO and AusCERT report surveyed almost 500 respondents mainly in Australia and New Zealand.
PwC’s 24th CEO Survey, released last week, had some similar findings.
In particular, 95 per cent of Australian CEOs participating in the survey identified cyber risks as the top threat to business growth.
That was up from 86 per cent last year and made it the number one threat.
It found that Australian CEOs are tweaking their technology plans as a result of the pandemic.
They plan to increase investment over the next three years in digital transformation (79%) and cybersecurity and data privacy (78%).
PwC cybersecurity partner Nicola Nicol said the survey had some encouraging findings but more work was needed.
“We’ve seen an uplift in cyber attacks and issues since the pandemic and it is encouraging to see that cybersecurity has a renewed focus among Australian CEOs,” she said.
“Yet when it came down to measurement and reporting, only about a quarter of Australian CEOs on average said their organisation needs to do more to measure and report on cybersecurity and data privacy.
“A key step for businesses is being able to articulate cyber risk in a way that is meaningful to executives, directors and investors.
“It is more vital than ever to be able to interpret data, quantify cyber risk and explain how this relates back to specific business outcomes.”
Apart from cyber risk, CEOs said other threats to business growth were led by over-regulation, trade conflicts, protectionism and availability of key skills.