Dive Brief:
- Corporate executives see cybersecurity as the top risk facing their businesses, according to a new survey.
- Cybersecurity is also executives’ top investment priority, the consulting firm Protiviti found in its annual executive perspectives report, published on Dec. 11.
- Third-party risks, which are closely associated with cybersecurity threats, ranked second on executives’ list of concerns.
Dive Insight:
In addition to topping the overall list of risk factors, cybersecurity was also the top concern across organizations of all sizes, the top concern of executives in most roles and the top concern for organizations in almost every geographic region.
Corporate leaders are “increasingly aware that cyber resilience must be embedded into enterprise strategy,” Protiviti said in its report, which was based on a survey of 1,540 board members and C-suite executives. “Addressing evolving cybersecurity threats must be treated as a strategic imperative, with organizations needing to integrate cyber risk metrics into C-suite and boardroom performance dashboards.”
Board members, chief financial officers and chief operating officers all identified cyber threats as the top risks to their businesses, as did chief information officers, chief technology officers and chief information security officers.
“This widespread prioritization underscores the almost universal recognition that cybersecurity is no longer a siloed IT issue but rather a strategic enterprise risk with implications for brand reputation, operational continuity and regulatory compliance,” Protiviti said, adding that its data suggested “a shared understanding of [cybersecurity’s] systemic nature and the need for cross-functional mitigation strategies.”
Interestingly, however, chief executive officers did not even rank cyber threats in their top five concerns. Instead, CEOs placed labor availability first, followed by retention and labor costs. Protiviti said it was understandable that global economic factors were driving CEOs’ thinking.
Cybersecurity also ranked highly among investment priorities for executives of most types, with COOs, CIOs, CISOs and, crucially, CFOs placing it in their top three.
There was geographical consistency in Protiviti’s findings as well. Cyber risks topped the list for executives in North America, Latin America, Europe and India, although they placed second in the Middle East and Africa, and they didn’t even make the top three in Asia. Meanwhile, executives in Australia and New Zealand didn’t even rank cyber threats in their top five.
Protiviti also specifically asked executives about their AI-related concerns, and again cybersecurity dominated their fears. Executives in virtually all roles said “risks related to data required for Al use and cybersecurity exposure” were one of their three biggest AI-related worries.
Not all industries worry equally about the cyber-related risks of AI tools. In the consumer products sector, executives ranked the threat second. In the energy sector, it ranked third, while in the health-care sector, it ranked first. In almost every sector that Protiviti analyzed, however, executives considered it one of their three biggest worries.