Cyber attack tops the list of risks that concern directors: Study
Cyber-attack and data loss/breach top the list of risks which are causing directors most concern, according to a survey titled “D&O: Personal Exposure to Global Risk” by Willis Towers Watson. These risks of cyber-attack and data loss have now overtaken regulatory and other investigations as the most concerning for directors. 51% of public companies this year said that they had experienced either a significant cyber-attack or a sizeable data loss in the past year. The comparable figure in 2017 was just 30%.
When asked to prioritize the risks facing their businesses, more than half of all those questioned (52%) described the risk of data loss, data breach or risks associated with the EU’s new General Data Protection Regulation (GDPR) as very or extremely concerning. Exactly 50% ranked cyber-attack as causing them the same level of anxiety. When combined – as the two risks are so often inter-related – they become a huge concern for business leaders. The recent fines imposed on supermarkets and the continuing reputational damage as a result of such breaches supports how seriously these are taken.
- 43% of large employers and 38% of listed companies have experienced a regulatory claim involving a director in the last 12 months; regulatory investigations, therefore, remain unsurprisingly in the top three risks
- The regulatory focus on personal accountability is changing company behavior, with 60% saying it is impacting decision-making processes
- 72% of public companies are worried about the current economic climate and 72% about geopolitical risks – an increase from the 59% who felt geopolitical uncertainties created a significant risk last year
- Health and safety legislation impacting on a company’s business is now a significant concern for 37% of respondents, as against just 18% of those surveyed last year.
“It is the breadth as well as the depth of the concerns expressed by senior managers in this survey which is striking. From health and safety to criminal activity and from increased risk of employment claims to climate change the spectrum of potential sources of liability for directors is wider than it has ever been," says Francis Kean, Executive Director, FINEX, Willis Towers Watson. For the first time, the presence of an active and increasingly sophisticated plaintiff’s bar ready to bring claims against directors anywhere in the world also features as a key concern, Kean adds.
Joanna Page, Partner, and Head of A&O’s Insurance Litigation group commented: For the first time, we see concerns dominated by the threats of cyber-attack and data loss – fears that are not new but are rapidly moving up the agenda. If you are a senior manager or director, it is important to be entirely comfortable about the scope of your personal liability protection. Be clear on your own responsibilities and reporting lines and brace for the renewed regulatory focus on individual conduct.”